bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-14 07:13:32 +00:00
Code Issues Releases Wiki Activity

fetch with proper no-cache

Browse Source
This commit is contained in:
Kyle Spearrin
2018-07-07 23:48:58 -04:00
parent a7e7dcc1fe
commit 8ac3450d9e
3 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/abstractions/api.service.ts
View File

@@ -172,4 +172,6 @@ export abstract class ApiService {
token: string) => Promise<ListResponse<EventResponse>>; token: string) => Promise<ListResponse<EventResponse>>;
getEventsOrganizationUser: (organizationId: string, id: string, getEventsOrganizationUser: (organizationId: string, id: string,
start: string, end: string, token: string) => Promise<ListResponse<EventResponse>>; start: string, end: string, token: string) => Promise<ListResponse<EventResponse>>;
fetch: (request: Request) => Promise<Response>;
} }

14
src/services/api.service.ts
View File

@@ -120,7 +120,7 @@ export class ApiService implements ApiServiceAbstraction {
// Auth APIs // Auth APIs
async postIdentityToken(request: TokenRequest): Promise<IdentityTokenResponse | IdentityTwoFactorResponse> { async postIdentityToken(request: TokenRequest): Promise<IdentityTokenResponse | IdentityTwoFactorResponse> {
const response = await fetch(new Request(this.identityBaseUrl + '/connect/token', { const response = await this.fetch(new Request(this.identityBaseUrl + '/connect/token', {
body: this.qsStringify(request.toIdentityToken(this.platformUtilsService.identityClientId)), body: this.qsStringify(request.toIdentityToken(this.platformUtilsService.identityClientId)),
credentials: this.getCredentials(), credentials: this.getCredentials(),
cache: 'no-cache', cache: 'no-cache',
@@ -585,6 +585,14 @@ export class ApiService implements ApiServiceAbstraction {
// Helpers // Helpers
fetch(request: Request): Promise<Response> {
if (request.method === 'GET') {
request.headers.set('Cache-Control', 'no-cache');
request.headers.set('Pragma', 'no-cache');
}
return fetch(request);
}
private async send(method: 'GET' | 'POST' | 'PUT' | 'DELETE', path: string, body: any, private async send(method: 'GET' | 'POST' | 'PUT' | 'DELETE', path: string, body: any,
authed: boolean, hasResponse: boolean): Promise<any> { authed: boolean, hasResponse: boolean): Promise<any> {
const headers = new Headers({ const headers = new Headers({
@@ -619,7 +627,7 @@ export class ApiService implements ApiServiceAbstraction {
} }
requestInit.headers = headers; requestInit.headers = headers;
const response = await fetch(new Request(this.apiBaseUrl + path, requestInit)); const response = await this.fetch(new Request(this.apiBaseUrl + path, requestInit));
if (hasResponse && response.status === 200) { if (hasResponse && response.status === 200) {
const responseJson = await response.json(); const responseJson = await response.json();
@@ -662,7 +670,7 @@ export class ApiService implements ApiServiceAbstraction {
} }
const decodedToken = this.tokenService.decodeToken(); const decodedToken = this.tokenService.decodeToken();
const response = await fetch(new Request(this.identityBaseUrl + '/connect/token', { const response = await this.fetch(new Request(this.identityBaseUrl + '/connect/token', {
body: this.qsStringify({ body: this.qsStringify({
grant_type: 'refresh_token', grant_type: 'refresh_token',
client_id: decodedToken.client_id, client_id: decodedToken.client_id,

7
src/services/audit.service.ts
View File

@@ -1,3 +1,4 @@
import { ApiService } from '../abstractions/api.service';
import { AuditService as AuditServiceAbstraction } from '../abstractions/audit.service'; import { AuditService as AuditServiceAbstraction } from '../abstractions/audit.service';
import { CryptoFunctionService } from '../abstractions/cryptoFunction.service'; import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
@@ -9,7 +10,7 @@ const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
const HibpBreachApi = 'https://haveibeenpwned.com/api/v2/breachedaccount/'; const HibpBreachApi = 'https://haveibeenpwned.com/api/v2/breachedaccount/';
export class AuditService implements AuditServiceAbstraction { export class AuditService implements AuditServiceAbstraction {
constructor(private cryptoFunctionService: CryptoFunctionService) { } constructor(private cryptoFunctionService: CryptoFunctionService, private apiService: ApiService) { }
async passwordLeaked(password: string): Promise<number> { async passwordLeaked(password: string): Promise<number> {
const hashBytes = await this.cryptoFunctionService.hash(password, 'sha1'); const hashBytes = await this.cryptoFunctionService.hash(password, 'sha1');
@@ -17,7 +18,7 @@ export class AuditService implements AuditServiceAbstraction {
const hashStart = hash.substr(0, 5); const hashStart = hash.substr(0, 5);
const hashEnding = hash.substr(5); const hashEnding = hash.substr(5);
const response = await fetch(PwnedPasswordsApi + hashStart); const response = await this.apiService.fetch(new Request(PwnedPasswordsApi + hashStart));
const leakedHashes = await response.text(); const leakedHashes = await response.text();
const match = leakedHashes.split(/\r?\n/).find((v) => { const match = leakedHashes.split(/\r?\n/).find((v) => {
return v.split(':')[0] === hashEnding; return v.split(':')[0] === hashEnding;
@@ -27,7 +28,7 @@ export class AuditService implements AuditServiceAbstraction {
} }
async breachedAccounts(username: string): Promise<BreachAccountResponse[]> { async breachedAccounts(username: string): Promise<BreachAccountResponse[]> {
const response = await fetch(HibpBreachApi + username); const response = await this.apiService.fetch(new Request(HibpBreachApi + username));
if (response.status === 404) { if (response.status === 404) {
return []; return [];
} else if (response.status !== 200) { } else if (response.status !== 200) {