Support Modern Remote Chrome #71
Conversation
|
This particular issue has been a problem since Chrome version 66 in 2018 when a change was made to improve security on DevTools. If you're using a local install, you won't run into the issue. I'm guessing most users of this module are configured in this manner. The problem surfaces when using a container version of icingaweb2. Unless you make a custom container, the official one doesn't include Chrome installed. The best solution is to spin up a container running a headless version of Chrome. While you can get around the issue by putting in an IP address, this may change across container restarts. Especially under Kubernetes, you will want to use the friendly DNS name to fix this. This small patch works around the security issue by forcing the host header to "localhost" when fetching the version endpoint. With that set, the expected values are returned and can be used by the rest of the module. |
|
Hi, thank your for pointing this out! However, since this is a case specific to containerized setups, I think it is safer to first try a normal request. (without spoofing the host header) If this fails with the error |
Starting in version 66, Chrome DevTools requires the host header to be “localhost” or an IP address. Work around this by re-running the request without a host header if we get the security error.
srvrguy
force-pushed
the
remote-chrome
branch
from
3418b1f to
aee0102
Compare
|
The updated PR now handles the issue in a different way. Since Guzzle emits an exception on a 5xx error, I've wrapped the first request in a try block and am only catching the specific error thrown when getting the security error message. Inside the catch, I just have the request try again without a Host header. It's a big larger of a change than I would have liked, but does the job just fine. |
Simple formatting issue that shouldn't take long to fix this week. Do you want me to add as a separate commit, or should I amend and force push to keep the history clean? |
|
You can commit my suggestion directly here. I'll squash afterwards. |
Adjusted formatting of code to pass PHPCS checks.
Starting in version 66, Chrome DevTools requires the host header to be “localhost” or an IP address. Work around this by setting the header to “lcoalhost” when fetching the version endpoint.