-
Notifications
You must be signed in to change notification settings - Fork 55
Description
It would be helpful for clients to have the ability to specify extra HTTP headers globally or for a specific set of browsing contexts. While custom HTTP headers can currently be set through network interception, it would simplify the process if we allowed headers to be set via a single command without relying on interception. These headers could then be automatically applied to all network activity within the specified browsing contexts.
This enhancement would enable more flexible testing scenarios, where each context can simulate different client headers, such as language settings (see #774), authentication tokens, or custom headers for API requests.
Use Cases
-
Multi-Context Testing: Simulating different user agents, authentication tokens, or localization settings (e.g.,
Accept-Language
) across various browsing contexts. This would help developers test how their application behaves when accessed by different types of clients in parallel. -
A/B Testing: Using different headers (e.g., feature flags) to simulate A/B testing environments within the same browser instance, but isolated to separate browsing contexts.
-
Authentication and Security Testing: Simulating different users with different authentication headers in separate tabs or frames. This allows the testing of security mechanisms and session isolation between tabs. This is some feature Cypress would benefit from given that it has to send a fixed set of authentication headers.
Proposal
Introduce an API that allows setting extra HTTP headers globally or for specific browsing contexts. The API would accept a list of context IDs along with the headers to be applied for each context.
The API could look like:
-
Command to set extra HTTP headers for multiple contexts:
{ "method": "network.addExtraHTTPHeaders", "params": { "contexts": ["context1", "context2"], // The IDs of the browsing contexts "headers": { "X-Custom-Header": "exampleValue", "Accept-Language": "fr-FR" } } }
-
Command to clear extra HTTP headers:
{ "method": "network.removeExtraHTTPHeaders", "params": { "contexts": ["context1", "context2"] // The IDs of the browsing contexts } }
Benefits
- Granular Control Over HTTP Requests: Developers can test applications with different HTTP headers per context in parallel, making it easier to simulate real-world usage with different users, agents, or environments.
- Multi-Session Testing: Allows the simulation of multiple sessions, users, or clients by attaching different headers to each context, useful for testing session management, security, and caching behavior.
- Localization and Customization: This feature would be particularly helpful for testing internationalization (
Accept-Language
header) or client-specific behavior based on custom headers.
Questions
- Should there be a way to query the currently active headers for a given context?
- Should we allow removing of individual headers if the
headers
field and entries are specified?