misterphilip / x-forwarded-for Goto Github PK

@MisterPhilip
When the extension gets enabled (by disabling then enabling or by closing Chrome completely and reopening), the icon is logo-*-bw.png (as defined in manifest.json). Adding updateFromSettings() to serviceWorker.ts (not inside any callbacks) seems to work but I'll let you figure it out properly.

Hello,

The addon is really nice, and helps with some debugging and geo-blocking bypass, I would like to suggest the following feature.

1- the ability to export/import profiles

The way it should work, the export can be base64 encoded json string, and the import follow similar idea,

For example ew0KIl92ZXJzaW9uIjogImFkZG9uLXZlcnNpb24tMSIsDQoicHJvZmlsZSI6IHt9DQp9 is the exported string, which when imported turn into

{
"_version": "addon-version-1",
"profile": {....}
}

The idea is to be ability to copy profile and share it with someone, and the user has to confirm the data before importing it.

Can we set NULL or UNSET or empty IP list as the header? instead of showing some other IP

I was going to suggest adding a recently used IPs feature when I noticed that you already implemented such in the 0.4.0 version.

Any reason why you did not release that version for Firefox?

P.S.: On addons.mozilla.org the extension is called X-Forwarded-For Injector whereas in the manifest it says X-Forwarded-For Header. You may want to fix that to prevent someone from hijacking the name.

Access to font at 'https://fonts.gstatic.com/s/materialiconsoutlined/v21/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2' from origin 'https://redacted' has been blocked by CORS policy: Request header field x-forwarded-for is not allowed by Access-Control-Allow-Headers in preflight response.

Hello,

Very useful extension. My work flow is that I am using the web browser on my local machine, but actually programming with PhpStorm on another machine through a Remote Desktop connection. Your extension allows me to forward the Xdebug debugging session to the remote machine. It works great.

For privacy reasons, it would be nice if the X-Forwarded-For header would only be sent for pages I visit on my domains.

Hello, @MisterPhilip thanks for this great extension.
I need this extension for some automation tests using selenium and geckodriver so I need to fork it and make a default value..
Can you help me with this, please? Thanks

Need to remove the user-select field for the input.

Microsoft Edge is the second most used browser on the web, making the browsing experience more flexible, offering many more services for users and optimized for Windows devices.

Microsoft Edge supports Chromium extensions, and you can publish your extensions to Microsoft Edge Add-ons website with minimal code changes. Find out more here.

If you have any more queries about porting Chrome extension to Microsoft Edge or anything else, you can contact the relevant teams whose links are given here.

Let me know if this was helpful. I am happy to help you with more details.

Hello,

I noticed on firefox x-originating-ip, x-remote-ip, x-remote-addr headers are not working.

So I checked the code, found that the browser-polyfill.js file loaded here does not exist.

I am not sure if this issue is causing the title to not work properly.

hi,man
thank u work for this useful plugins.i have some idear.
add more allowedHeaders like these:

["x-forwarded-for", "x-real-ip", "x-forwarded", "forwarded-for", "forwarded", "true-client-ip", "client-ip", "ali-cdn-real-ip", "cdn-src-ip", "cdn-real-ip", "cf-connecting-ip", "x-cluster-client-ip", "wl-proxy-client-ip", "proxy-client-ip", "true-client-ip"]

i think the best ways is user can add,del or change it by themslef.

This extension has been great for basic X-Forwarded-For testing, but the spec for that header allows for multiple addresses, in a comma+space delimited list. I'd like to request a feature to allow for multiple IP addresses in the X-Forwarded-For header tag.

X-Forwarded-For can have more than one values (where each proxy forwards previous proxy's IP).

This should be supported by enabling comma separated values in the IP input.

Need to update the IP regex to allow IPv6 as well (potentially just any text, trimmed?).

Why cant access?

The version of this addon on addons.mozilla.org is still 4 years old, could you publish the new v1.0.* release there too?

The extension needs permissions to access all the data. For what? Is this really necessary in order to add a header to requests?

Please help. It does not work and does not apply to the IP that you set. Can you help?

I'm look for an alternative tool to bypass the X-Frame-Options SAMEORIGIN header.

There used to be the tool: https://github.com/niutech/x-frame-bypass
but it's no longer being maintained/working and doesn't work in the same way, anyway.

Can I use or modify your tool to do this?

Hi Dude,

This addon is perfect for what i needed.

Are you planning to release one for X-Real-IP at all or would you have any issues if i changed the code and released it doing X-Real-IP but with full credits to you?

This addon has been well received by some of my followers on twitter who will be using it for testing security on some bug bounty planforms.

https://twitter.com/Random_Robbie/status/920622185898704896

Per feedback, having the input for the IP address in the browser action is missed. Adding a default profile that can be overridden by other profiles seems like the best solution to this.