[feat] Web Request Callbacks and Filtering #4899
Comments
ColonelThirtyTwo
changed the title
This comment was marked as spam.
This comment was marked as spam.
|
i am developing a hybrid framework app that allows user installs or uninstalls a in-app "app" which is a regular web app with limited hybrid call accessability. the startup app, i call it "hybrid core", is a web desktop(just likes the windows explorer) which has full control of every "app" including but not limited to: "Networking Accessability", "FileSystem Accessability", "Native API Accessability". therefore, "hybrid core" need to intercept every single request including normal webview http/https/ws request, tauri custom protocol request, tauri ipc message request, etc. to make it works. |
|
i can intercept custom protocol request and ipc message now, but no normal http request. |
|
i developed a similar ios app for internal use(successfully upload to app store) in 2018. i want to refactor it that supports cross-platform with tauri recently. |
|
I'm waiting for this, too. Do we have any plans for this? Thanks. |
|
request filtering is planned, yes. At least a somewhat simple approach/implementation. modifying requests however is a tricky subject. It would be only possible on Windows. (In theory also on Linux but i do not consider this: #4912 (comment) a viable solution for tauri tbh) |
|
Should this be an issue in the WRY repo? Shouldn't be Tauri-specific, I think. |
|
Is there an update on this issue ? I agree that a "before/after http event" event with access to the request/response available would be a great addition and catch up to electron ! |
|
I want get webview's cookie data, i need this |
Describe the problem
Tauri should expose a way to register a Rust callback to intercept and modify requests that the application in the web view makes, as part of navigation, resource loading, or via JavaScript API calls. Election has an API to do this here: https://www.electronjs.org/docs/latest/api/web-request
Applications can use this functionality to modify requests for their needs (adding and removing headers for example) as well as preventing access to sites outside the scope of the application, for security.
Describe the solution you'd like
Electron has an API for this already that can serve as a base. Ideally, we can register two callbacks - one called with the request before it is sent and one called with the response after it is received. The callbacks should be passed the complete info about the request and response, and should be able to mutate or reject them.
Alternatives considered
Delegate requests to the core application via either IPC calls or custom protocols. This requires that the inner page be written to use them though, which is not possible for third party sites, and does not address the use case of security hardening.
Additional context
No response
The text was updated successfully, but these errors were encountered: