I am using webExtension SecurityInfo API. For example, I want to see if HSTS is enabled. I only want to know this info. once per tab. For example, in this code, I want to check if HSTS is enabled.
background.js
:
sync function logger(details) {
try {
let securityInfo = await browser.webRequest.getSecurityInfo(
details.requestId, {}
);
console.log("URL",details.url)
if ((securityInfo.state == "secure" || securityInfo.state == "weak") &&
!securityInfo.isUntrusted) {
console.log("HSTS:",securityInfo.hsts)
}
}
catch(error) {
console.error(error);
}
}
browser.webRequest.onHeadersReceived.addListener(logger,
{urls: ["<all_urls>"]},
["blocking"]
);
when I open google.com
I receive dozens of responses in the browser console
for many links that are for google.com
or for embedded links in the same page.
I am only interested to know the SecurityInfo. for the root domain of the URL I hit the URL bar. Nothing else. For example, if I hit mail.google.com
I want to know the HSTS status for google.com
. If I again enter a new address in the same tab, say, yahoo.com
, I am interested in knowing the SecurityInfo for yahoo.com
.
If I open a new tab for google.com
I want this info to appear again as it is a new tab, despite the fact that I saw it in previous tab.
I.e. I am only interested in knowing the SecurityInfo of the root domain (not subdomains) once per URL hit.
And, the manifest.json
:
{
"manifest_version": 2,
"name": "Root Certificate Stats",
"description": "Track and display which CA root certificates are used and how often.",
"version": "0.1.0",
"browser_action": {
"default_icon": {
"32": "icons/icon-32.png"
},
"default_title": "Root Certificate Stats",
"default_popup": "popup.html"
},
"permissions": ["webRequest", "webRequestBlocking", "<all_urls>"],
"background": {
"scripts": [ "background.js" ]
},
"icons": {
"32": "icons/icon-32.png"
},
"applications": {
"gecko": {
"strict_min_version": "62.0b5"
}
}
}