mirror of
https://github.com/bitwarden/browser.git
synced 2025-01-13 19:51:37 +01:00
fetch with proper no-cache
This commit is contained in:
parent
a7e7dcc1fe
commit
8ac3450d9e
@ -172,4 +172,6 @@ export abstract class ApiService {
|
||||
token: string) => Promise<ListResponse<EventResponse>>;
|
||||
getEventsOrganizationUser: (organizationId: string, id: string,
|
||||
start: string, end: string, token: string) => Promise<ListResponse<EventResponse>>;
|
||||
|
||||
fetch: (request: Request) => Promise<Response>;
|
||||
}
|
||||
|
@ -120,7 +120,7 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
// Auth APIs
|
||||
|
||||
async postIdentityToken(request: TokenRequest): Promise<IdentityTokenResponse | IdentityTwoFactorResponse> {
|
||||
const response = await fetch(new Request(this.identityBaseUrl + '/connect/token', {
|
||||
const response = await this.fetch(new Request(this.identityBaseUrl + '/connect/token', {
|
||||
body: this.qsStringify(request.toIdentityToken(this.platformUtilsService.identityClientId)),
|
||||
credentials: this.getCredentials(),
|
||||
cache: 'no-cache',
|
||||
@ -585,6 +585,14 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
|
||||
// Helpers
|
||||
|
||||
fetch(request: Request): Promise<Response> {
|
||||
if (request.method === 'GET') {
|
||||
request.headers.set('Cache-Control', 'no-cache');
|
||||
request.headers.set('Pragma', 'no-cache');
|
||||
}
|
||||
return fetch(request);
|
||||
}
|
||||
|
||||
private async send(method: 'GET' | 'POST' | 'PUT' | 'DELETE', path: string, body: any,
|
||||
authed: boolean, hasResponse: boolean): Promise<any> {
|
||||
const headers = new Headers({
|
||||
@ -619,7 +627,7 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
}
|
||||
|
||||
requestInit.headers = headers;
|
||||
const response = await fetch(new Request(this.apiBaseUrl + path, requestInit));
|
||||
const response = await this.fetch(new Request(this.apiBaseUrl + path, requestInit));
|
||||
|
||||
if (hasResponse && response.status === 200) {
|
||||
const responseJson = await response.json();
|
||||
@ -662,7 +670,7 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
}
|
||||
|
||||
const decodedToken = this.tokenService.decodeToken();
|
||||
const response = await fetch(new Request(this.identityBaseUrl + '/connect/token', {
|
||||
const response = await this.fetch(new Request(this.identityBaseUrl + '/connect/token', {
|
||||
body: this.qsStringify({
|
||||
grant_type: 'refresh_token',
|
||||
client_id: decodedToken.client_id,
|
||||
|
@ -1,3 +1,4 @@
|
||||
import { ApiService } from '../abstractions/api.service';
|
||||
import { AuditService as AuditServiceAbstraction } from '../abstractions/audit.service';
|
||||
import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
|
||||
|
||||
@ -9,7 +10,7 @@ const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
|
||||
const HibpBreachApi = 'https://haveibeenpwned.com/api/v2/breachedaccount/';
|
||||
|
||||
export class AuditService implements AuditServiceAbstraction {
|
||||
constructor(private cryptoFunctionService: CryptoFunctionService) { }
|
||||
constructor(private cryptoFunctionService: CryptoFunctionService, private apiService: ApiService) { }
|
||||
|
||||
async passwordLeaked(password: string): Promise<number> {
|
||||
const hashBytes = await this.cryptoFunctionService.hash(password, 'sha1');
|
||||
@ -17,7 +18,7 @@ export class AuditService implements AuditServiceAbstraction {
|
||||
const hashStart = hash.substr(0, 5);
|
||||
const hashEnding = hash.substr(5);
|
||||
|
||||
const response = await fetch(PwnedPasswordsApi + hashStart);
|
||||
const response = await this.apiService.fetch(new Request(PwnedPasswordsApi + hashStart));
|
||||
const leakedHashes = await response.text();
|
||||
const match = leakedHashes.split(/\r?\n/).find((v) => {
|
||||
return v.split(':')[0] === hashEnding;
|
||||
@ -27,7 +28,7 @@ export class AuditService implements AuditServiceAbstraction {
|
||||
}
|
||||
|
||||
async breachedAccounts(username: string): Promise<BreachAccountResponse[]> {
|
||||
const response = await fetch(HibpBreachApi + username);
|
||||
const response = await this.apiService.fetch(new Request(HibpBreachApi + username));
|
||||
if (response.status === 404) {
|
||||
return [];
|
||||
} else if (response.status !== 200) {
|
||||
|
Loading…
Reference in New Issue
Block a user