I'm building a Chrome extension. I need to intercept requests to a specific endpoint to get the response body and use the response in the extension (all ok, no malicious software)
To do that I overwrite window.fetch function with code:
const originalFetch = window.fetch;
window.fetch = async function (...args) {
const response = await originalFetch(...args);
const request = args[0];
const url = request instanceof Request ? request.url : request instanceof URL ? request.href : request;
if (url.includes('api/search')) {
const data = await response.clone().json();
if (data.myInfo) {
window.dispatchEvent(
new CustomEvent('OnMyInfoLoaded', {
detail: {
myInfo: data.myInfo,
},
}),
);
}
}
return response;
};
This script is injected in manifest:
{
"matches": [
"/*/*"
],
"js": [
"dist/injectCustomFetch.bundle.js"
],
"run_at": "document_start"
}
In 99% cases requests to search works and I get the data, but sometimes I get 403 forbidden from server. The server uses cloudflare so I assume cloudflare somehow detects that fetch is patched? I can't access server logs/cloudflare logs as I'm not the owner of the server
This error is hard to catch too as most of the time it works fine, with occasional 403 and I don't see any pattern
