mozilla · maxxcrawford · Oct 31, 2022 · Oct 31, 2022 · Oct 31, 2022 · Dec 5, 2022
diff --git a/src/js/background/background.js b/src/js/background/background.js
@@ -25,6 +25,45 @@ browser.runtime.onInstalled.addListener(async (details) => {
  }
 });
 
+/**
+ * Function that makes any API/fetch request on behalf of a content script
+ * 
+ * @async
+ * @function fetchRequestFromBackground
+ * @param {string} url=null - URL of API route
+ * @param {string} fetchMethod="GET" - fetch method type 
+ * @param {object} body=null - Overwrite if the request type (PATCH, POST) is method that needs to send data to the server
+ * @param {object} opts=null} Option to add users apiToken for protected API calls 
+ * @return {string} JSON formatted response from the API
+ */
+async function fetchRequestFromBackground({url = null, fetchMethod = "GET", body = null, opts=null} = {}) {
+ // URL is the only "required" argument to make a fetch. 
+ // Default
+ if (url == null) {
+ return false;
+ }
+
+ const headers = new Headers();
+
+ headers.set("Content-Type", "application/json");
+ headers.set("Accept", "application/json");
+
+ if (opts && opts.auth) {
+ const apiToken = await browser.storage.local.get("apiToken");
+ headers.set("Authorization", `Token ${apiToken.apiToken}`);
+ }
+
+ const response = await fetch(url, {
+ mode: "same-origin",
+ method: fetchMethod,
+ headers: headers,
+ body,
+ });
+
+ const answer = await response.json();
+ return answer;
+}
+
 // This function is defined as global in the ESLint config _because_ it is created here:
 // eslint-disable-next-line no-redeclare, no-unused-vars
 async function getAliasesFromServer(method = "GET", opts=null) {
@@ -396,6 +435,11 @@ browser.runtime.onMessage.addListener(async (m, sender, _sendResponse) => {
  case "iframeCloseRelayInPageMenu":
  browser.tabs.sendMessage(sender.tab.id, {message: "iframeCloseRelayInPageMenu"});
  break;
+ case "fetchRequestFromBackground": 
+ response = await fetchRequestFromBackground(
+ m.fetchRequest
+ );
+ break;
  case "fillInputWithAlias":
  browser.tabs.sendMessage(sender.tab.id, m.message);
  break;

diff --git a/src/js/relay.firefox.com/get_profile_data.js b/src/js/relay.firefox.com/get_profile_data.js
@@ -46,6 +46,24 @@
  const apiToken = profileMainElement.dataset.apiToken;
  await browser.storage.local.set({ apiToken });
 
+ const cookieString =
+ typeof document.cookie === "string" ? document.cookie : "";
+
+ const cookieStringArray = cookieString
+ .split(";")
+ .map((individualCookieString) => individualCookieString.split("="))
+ .map(([cookieKey, cookieValue]) => [
+ cookieKey.trim(),
+ cookieValue.trim(),
+ ]);
+
+ const [_csrfCookieKey, csrfCookieValue] = cookieStringArray.find(
+ ([cookieKey, _cookieValue]) => cookieKey === "csrftoken"
+ );
+
+ await browser.storage.local.set({ csrfCookieValue: csrfCookieValue });
+
+
- const cookieString =
- typeof document.cookie === "string" ? document.cookie : "";
- 
- const cookieStringArray = cookieString
- .split(";")
- .map((individualCookieString) => individualCookieString.split("="))
- .map(([cookieKey, cookieValue]) => [
- cookieKey.trim(),
- cookieValue.trim(),
- ]);
-
- const [_csrfCookieKey, csrfCookieValue] = cookieStringArray.find(
- ([cookieKey, _cookieValue]) => cookieKey === "csrftoken"
- );
-
- await browser.storage.local.set({ csrfCookieValue: csrfCookieValue });
- const cookieString =
- typeof document.cookie === "string" ? document.cookie : "";
- 
- const cookieStringArray = cookieString
- .split(";")
- .map((individualCookieString) => individualCookieString.split("="))
- .map(([cookieKey, cookieValue]) => [
- cookieKey.trim(),
- cookieValue.trim(),
- ]);
-
- const [_csrfCookieKey, csrfCookieValue] = cookieStringArray.find(
- ([cookieKey, _cookieValue]) => cookieKey === "csrftoken"
- );
-
- await browser.storage.local.set({ csrfCookieValue: csrfCookieValue });
  // API URL is ${RELAY_SITE_ORIGIN}/api/v1/
  const { relayApiSource } = await browser.storage.local.get("relayApiSource");
 
@@ -54,50 +72,13 @@
  const relayApiUrlDomainAddresses = `${relayApiSource}/domainaddresses/`;
  const relayApiUrlRelayNumbers = `${relayApiSource}/relaynumber/`;
 
- async function apiRequest(url, method = "GET", body = null, opts=null) {
-
- const cookieString =
- typeof document.cookie === "string" ? document.cookie : "";
- const cookieStringArray = cookieString
- .split(";")
- .map((individualCookieString) => individualCookieString.split("="))
- .map(([cookieKey, cookieValue]) => [
- cookieKey.trim(),
- cookieValue.trim(),
- ]);
-
- const [_csrfCookieKey, csrfCookieValue] = cookieStringArray.find(
- ([cookieKey, _cookieValue]) => cookieKey === "csrftoken"
- );
-
- browser.storage.local.set({ csrfCookieValue: csrfCookieValue });
-
-
- const headers = new Headers();
-
-
- headers.set("X-CSRFToken", csrfCookieValue);
- headers.set("Content-Type", "application/json");
- headers.set("Accept", "application/json");
-
- if (opts && opts.auth) {
- const apiToken = await browser.storage.local.get("apiToken");
- headers.set("Authorization", `Token ${apiToken.apiToken}`);
+
+ const serverProfileData = await browser.runtime.sendMessage({
+ method: "fetchRequestFromBackground",
+ fetchRequest: {
+ url: apiProfileURL
  }
-
-
- const response = await fetch(url, {
- mode: "same-origin",
- method,
- headers: headers,
- body,
- });
-
- const answer = await response.json();
- return answer;
- }
-
- const serverProfileData = await apiRequest(apiProfileURL);
+ });
 
  browser.storage.local.set({
  profileID: parseInt(serverProfileData[0].id, 10),
@@ -108,7 +89,13 @@
 
  const siteStorageEnabled = serverProfileData[0].server_storage;
 
- const relayNumbers = await apiRequest(relayApiUrlRelayNumbers);
+ const relayNumbers = await await browser.runtime.sendMessage({
+ method: "fetchRequestFromBackground",
+ fetchRequest: {
+ url: relayApiUrlRelayNumbers
+ }
+ });
+
  if (Array.isArray(relayNumbers) && relayNumbers.length > 0) {
  browser.storage.local.set({
  relayNumbers: relayNumbers,
@@ -121,10 +108,21 @@
  * @param {{ fetchCustomMasks?: boolean }} options - Set `fetchCustomMasks` to `true` if the user is a Premium user.
  */
  async function refreshLocalLabelCache(options = {}) {
+
  /** @type {RandomMask[]} */
- const relayAddresses = await apiRequest(relayApiUrlRelayAddresses);
+ const relayAddresses = await browser.runtime.sendMessage({
+ method: "fetchRequestFromBackground",
+ fetchRequest: {
+ url: relayApiUrlRelayAddresses
+ }
+ });
  const domainAddresses = options.fetchCustomMasks
- ? await apiRequest(relayApiUrlDomainAddresses)
+ ? await browser.runtime.sendMessage({
+ method: "fetchRequestFromBackground",
+ fetchRequest: {
+ url: relayApiUrlDomainAddresses
+ }
+ })
  : [];
  await browser.storage.local.set({
  relayAddresses:
@@ -235,7 +233,15 @@
 
  if (body.description.length > 0 || body.generated_for.length > 0 || body.used_on.length > 0) {
  const endpoint = alias.mask_type === "custom" ? relayApiUrlDomainAddresses : relayApiUrlRelayAddresses;
- await apiRequest(`${endpoint}${alias.id}/`, "PATCH", JSON.stringify(body), {auth: true});
+ await browser.runtime.sendMessage({
+ method: "fetchRequestFromBackground",
+ fetchRequest: {
+ url: `${endpoint}${alias.id}/`,
+ fetchMethod: "PATCH",
+ body: JSON.stringify(body),
+ opts: {auth: true}
+ }
+ });
  }
  }
  }
@@ -257,9 +263,21 @@
  if (siteStorageEnabled) {
  // Sync alias data from server page.
  // If local storage items exist AND have label metadata stored, sync it to the server.
- const serverRelayAddresses = await apiRequest(relayApiUrlRelayAddresses);
+
+ const serverRelayAddresses = await browser.runtime.sendMessage({
+ method: "fetchRequestFromBackground",
+ fetchRequest: {
+ url: relayApiUrlRelayAddresses
+ }
+ });
+
  const serverDomainAddresses = isPremiumUser
- ? await apiRequest(relayApiUrlDomainAddresses)
+ ? await browser.runtime.sendMessage({
+ method: "fetchRequestFromBackground",
+ fetchRequest: {
+ url: relayApiUrlDomainAddresses
+ }
+ })
  : [];
 
  // let usage: This data may be overwritten when merging the local storage dataset with the server set.