HAR Export doesn't properly encode content
Categories: DevTools :: Netmonitor, defect, P3
Tracking: Not tracked
People: Reporter: thorin.geo, Unassigned
References: Blocks 1 open bug
Attachments: 3 files
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0
Steps to reproduce:
- Visit: http://demo.owasp-juice.shop/rest/admin/application-configuration
- Open Dev Tools.
- Go to the network tab (reload if you need to in order to see the traffic).
- Export the request/response as HAR. (Right click "Save All as HAR")
- Open the HAR in Notepad++ or whatever.
- Note the content claims to be base64 encoded but isn't:
"content": {
"mimeType": "application/vnd.mozilla.json.view; charset=utf-8",
"size": 18755,
"encoding": "base64",
"text": "{\"config\":{\"server\":{\"port\":3000,\"basePath\":\"\"},...snip
Firefox 98.0.2. (Also had an example of the issue with 97.0.2) [Looking at the content-types below it seems to have something to do with Firefox's JSON pretty printing.]
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0
Actual results:
"content": {
"mimeType": "application/vnd.mozilla.json.view; charset=utf-8",
"size": 18755,
"encoding": "base64",
"text": "{\"config\":{\"server\":{\"port\":3000,\"basePath\":\"\"},...snip
Expected results:
The content should have been saved properly encoded:
"content" : {
"size" : 18755,
"compression" : 0,
"mimeType" : "application/json; charset=utf-8",
"encoding" : "base64",
"text" : "eyJjb25maWciOnsic2VydmVyIjp7InBvcnQiOjMwMDAsImJhc2VQYXRoIjoiIn0sImFwcGxpY2F0aW9uIjp7ImRvb...snip
},
Comment 1•3 years ago
The Bugbug bot thinks this bug should belong to the 'DevTools::Netmonitor' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
This is more like what is expected. (This was produced with OWASP ZAP.)
Comment 4•3 years ago
Thank you for the report!
I can easily reproduce on my machine (Win10, latest m-c 100)
Comment 5•3 years ago
Here is the source responsible for building the content field in the HAR file (including text and encoding fields).
We should make sure the text is properly encoded and the encoding field set.
Hey Jan, if I wanted to set up a dev environment and try to tackle this, where would I find like a "getting started guide" or something like that?
Comment 7•3 years ago
Hi Thorin, follow these docs: https://firefox-source-docs.mozilla.org/devtools/index.html
Please, let me know whether I should assign this bug to you.
Comment 10•9 months ago (Reporter)
Confirmed this still happens: https://juice-shop.herokuapp.com/rest/admin/application-configuration
(See "Produced HAR")
Comment 11•9 months ago (Reporter)
If I were to start looking at fixing this, do we want it to be encoded base64? Or do we want it to not claim to be encoded?
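Added example, not part of the bug report and not Firefox or ZAP code: a consumer-side check that flags HAR entries whose `content` claims `"encoding": "base64"` while `text` is raw, as in the export shown above. The function names, sample HAR and `har.example` URLs are constructed for illustration.

```python
import base64
import binascii

def classify_content(content):
    """Verdict for one HAR `content` object; strict decode rejects '{' and '"'."""
    text = content.get("text")
    if text is None:
        return "no-body"
    if content.get("encoding") != "base64":
        return "plain"
    try:
        decoded = base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return "mislabeled"
    size = content.get("size")
    # Short plain text can decode by accident; the size field catches that.
    if isinstance(size, int) and size >= 0 and size != len(decoded):
        return "size-mismatch"
    return "base64"

def body_bytes(content):
    """Recover the body bytes without trusting the encoding label."""
    verdict = classify_content(content)
    if verdict == "size-mismatch":
        raise ValueError("ambiguous body: decodes as base64 but size disagrees")
    if verdict == "base64":
        return base64.b64decode(content["text"], validate=True)
    return (content.get("text") or "").encode("utf-8")  # plain / mislabeled / no-body

def audit_har(har):
    """Return (url, verdict) for entries whose encoding label is suspect."""
    findings = []
    for entry in har["log"]["entries"]:
        verdict = classify_content(entry["response"].get("content", {}))
        if verdict in ("mislabeled", "size-mismatch"):
            findings.append((entry["request"]["url"], verdict))
    return findings

# Constructed sample: one body stored three ways; URLs are placeholders.
SAMPLE_BODY = '{"config":{"server":{"port":3000,"basePath":""}}}'
def make_entry(url, **content):
    return {"request": {"url": url}, "response": {"content": content}}
SAMPLE_HAR = {"log": {"entries": [
    make_entry("http://har.example/mislabeled", size=len(SAMPLE_BODY),
               encoding="base64", text=SAMPLE_BODY),
    make_entry("http://har.example/encoded", size=len(SAMPLE_BODY), encoding="base64",
               text=base64.b64encode(SAMPLE_BODY.encode()).decode()),
    make_entry("http://har.example/plain", size=len(SAMPLE_BODY), text=SAMPLE_BODY),
]}}
```

A tool that imports HAR files can run `audit_har` before decoding, so a mislabeled body is reported rather than silently dropped or corrupted by a lenient base64 decoder.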