Hi Jochen, Ben, thanks for answering my questions.
I'm by no means an expert in this, but to me it sounds like we're looking at this from the wrong angle. I'll respond to some points inline: > For example, one client of mine didn't trust the network (including DNS) and wanted a web browser that tunnels all requests through their own server. Similar to what Opera mobile and Chrome Android do in the "accelerated" proxy mode. The normal HTTP proxy protocols are not sufficient (e.g. leak DNS) and they wanted their own wire protocol. For DNS stuff: wouldn't it be sufficient to point your app to use your own DNS (optionally with DoH for privacy?) > Another common requirement is to simply stop and block all network requests apart from those to a specific server or domain, for security purposes. You might not want these requests to fail, but to return dummy data, to avoid apps breaking. This is important for dedicated browsers that e.g. wrap a single web application. You might call it Kiosk mode. > Another purpose is to analyze web sites. You run a given website and analyze their behavior, specifically the network requests it makes. You log all that and then you can e.g. security analyze them. This should be well in the scope of a WebExtension (using `webRequest`), it's very similar to what most ad blockers do today. > The whole exercise is needed to route all request through the BlackBerry Dynamics SDK to make use of the VPN and two-way SSL. The concept of the BB suite is that the app itself does not have access to the client certificate. So security is handled by that SDK stack. I see. This type of hard modifications of Gecko's behavior are not in scope for GeckoView unfortunately. From an uninformed point of view it seems like you might get away with running a local proxy on the phone alongside the app, but it's outside of my knowledge. There is a possibility that you could make out-of-tree modifications to Gecko to redirect all network requests, but it wouldn't be my first recommendation. Folks over at firefox-...@mozilla.org might be able to steer you in the right direction. > onLoadRequest looked promising (stop loading of the request) assuming that it catches each & every request but it looks like I can’t return a WebResponse here. onLoadRequest is intended only for top-level document requests (so no javascript, css, or iframes) and all you can do with it really is stop the request and handle it yourself (e.g. for a app link), it's not really intended to handle the request elsewhere and feed something back. Thanks, Agi. On Thu, Nov 21, 2019 at 2:03 PM Jochen van Waasen <joc...@vanwaasen.ch> wrote: > Hi Agi > > Thanks for answering my request. > > In short I need to intercept each and every request issued by a GeckoView, > stop it, feed (with headers etc = clone) that request into a different > network stack and return the response to the GeckoView. > > Currently I have this partially running inside an Android WebView > (chromium, javascript bridge, javascript injection). It sort of works but > the issue with that solution is besides CORS that I can’t inject my > javascript to intercept XMLHttpRequest inside an iframe. > The whole exercise is needed to route all request through the BlackBerry > Dynamics SDK to make use of the VPN and two-way SSL. The concept of the BB > suite is that the app itself does not have access to the client > certificate. So security is handled by that SDK stack. > > I was thinking about a custom build of WebView but that is not feasible > for a enterprise production rollout (routed device, replacement of existing > WebView by custom WebView (one time operation)). > I was hoping that I could use GeckoView (as it has its own rendering > engine etc.) hence does not require a rooted device and modifications. > > onLoadRequest looked promising (stop loading of the request) assuming that > it catches each & every request but it looks like I can’t return a > WebResponse here. > > I understand that you don’t offer that level to network control as it > might come with some security concerns. > Would it be possible to make changes in source to allow that kind of > control (build custom GeckoView, it is open source isn’t it?)? Would you be > willing to help with that task (some guidance where to apply that change)? > > Best Regards > Jochen > > > On 21 Nov 2019, at 19:38, Agi Sferro <asfe...@mozilla.com> wrote: > > Hi Jochen, > > Could you expand a little bit on what exactly are you trying to do? It > will help us give you a better answer. > > In general, we don't currently support that level of control on network > requests outside of a WebExtension. > > Thanks, > Agi > > On Thu, Nov 21, 2019 at 10:26 AM Emily Toop <et...@mozilla.com> wrote: > >> >> >> ---------- Forwarded message --------- >> From: Jochen van Waasen <joc...@vanwaasen.ch> >> Date: Thu, 21 Nov 2019 at 14:16 >> Subject: GeckoView >> To: <et...@mozilla.com> >> >> >> Hi Emily >> >> I would like to use GeckoView but need to intercept all request that are >> coming out of a webpage (URL, resource, XMLHttpRequest, requests coming >> from inside an iFrame). >> >> Can this be done with GeckoView? >> >> The WebExtension is probably not what I need as I need to stop the >> request/load and process it differently. >> Ideally I could register a WebExecutor globally that gives me this kind >> of control. >> >> Best Regards >> Jochen >> _______________________________________________ >> mobile-firefox-dev mailing list >> mobile-firefox-dev@mozilla.org >> https://mail.mozilla.org/listinfo/mobile-firefox-dev >> > >
_______________________________________________ mobile-firefox-dev mailing list mobile-firefox-dev@mozilla.org https://mail.mozilla.org/listinfo/mobile-firefox-dev
