得益于下面的JS代码,我可以检测到浏览器内部的所有获取。
const nativeFetch = window.fetch;
window.fetch = function (...args) {
console.log('Getting some data...');
return nativeFetch.apply(window, args);
}
因此,每次用户在我的应用程序内导航时,我都可以跟踪获取的内容。
不幸的是,它没有“拦截”下图(红色)上显示的最后一次提取。我不知道为什么。因为它从另一个域(*)获取?因为它被CORS政策阻止了吗?
(*)此获取来自另一个域:。
您是否知道这是否可以在JavaScript中“检测”此提取?
在上面显示的脚本中,它检测到除此之外的所有获取。
I can detect every fetch inside my browser thanks to the js code below.
const nativeFetch = window.fetch;
window.fetch = function (...args) {
console.log('Getting some data...');
return nativeFetch.apply(window, args);
}
So every time user navigate inside my app, I can trace what is fetched.
Unfortunately it doesn't 'intercept' the last fetch showed on the picture below (in red). I don't know why. Because it fetch from another domain(*) ? Because it was blocked by CORS policy ?
(*) This fetch is from another domain: https://dev-123456.okta.com/oauth2/default/v1/authorize?client_id=12122...
Do you have any idea if this is possible to 'detect' this fetch in javascript ?
With the script showed above, it detect every fetch except this one.
发布评论