Bug 1795595 - [devtools] Add 'Copy as PowerShell' command to request list context menu r=ochameau

Differential Revision: https://phabricator.services.mozilla.com/D157711

devtools/client/locales/en-US/netmonitor.properties

@@ -1295,6 +1295,14 @@ netmonitor.context.copyRequestData=Copy %S Data
 # for the Copy POST/PATCH/PUT/DELETE Data menu item displayed in the context menu for a request
 netmonitor.context.copyRequestData.accesskey=D
 
+# LOCALIZATION NOTE (netmonitor.context.copyAsPowerShell): This is the label displayed
+# on the context menu that copies the selected request as a PowerShell command.
+netmonitor.context.copyAsPowerShell=Copy as PowerShell
+
+# LOCALIZATION NOTE (netmonitor.context.copyAsPowerShell.accesskey): This is the access key
+# for the Copy as PowerShell menu item displayed in the context menu for a request
+netmonitor.context.copyAsPowerShell.accesskey=S
+
 # LOCALIZATION NOTE (netmonitor.context.copyAsCurl): This is the label displayed
 # on the context menu that copies the selected request as a cURL command.
 # The capitalization is part of the official name and should be used throughout all languages.

devtools/client/netmonitor/src/utils/moz.build

@@ -17,6 +17,7 @@ DevToolsModules(
     "headers-provider.js",
     "l10n.js",
     "open-request-in-tab.js",
+    "powershell.js",
     "prefs.js",
     "request-blocking.js",
     "request-utils.js",

devtools/client/netmonitor/src/utils/powershell.js

@@ -0,0 +1,142 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Copyright (C) 2007, 2008 Apple Inc.  All rights reserved.
+ * Copyright (C) 2008, 2009 Anthony Ricaud <rik@webkit.org>
+ * Copyright (C) 2011 Google Inc. All rights reserved.
+ * Copyright (C) 2022 Mozilla Foundation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1.  Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ * 2.  Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the
+ *     documentation and/or other materials provided with the distribution.
+ * 3.  Neither the name of Apple Computer, Inc. ("Apple") nor the names of
+ *     its contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+// Utility to generate commands to invoke a request for powershell
+"use strict";
+
+// Some of these headers are passed in as seperate `Invoke-WebRequest` parameters so ignore
+// when building the headers list, others are not to neccesarily restrict the request.
+const IGNORED_HEADERS = [
+  "connection",
+  "proxy-connection",
+  "content-length",
+  "expect",
+  "range",
+  "host",
+  "content-type",
+  "user-agent",
+  "cookie",
+];
+/**
+ * This escapes strings for the powershell command
+ *
+ * 1. Escape the backtick, dollar sign and the double quotes See https://www.rlmueller.net/PowerShellEscape.htm
+ * 2. Convert any non printing ASCII characters found, using the ASCII code.
+ */
+function escapeStr(str) {
+  return `"${str
+    .replace(/[`\$"]/g, "`$&")
+    .replace(/[^\x20-\x7E]/g, char => "$([char]" + char.charCodeAt(0) + ")")}"`;
+}
+
+const PowerShell = {
+  generateCommand(url, method, headers, postData, cookies) {
+    const parameters = [];
+
+    // Create a WebSession to pass the information about cookies
+    // See https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/invoke-webrequest?view=powershell-7.2#-websession
+    const session = [];
+    for (const { name, value, domain } of cookies) {
+      if (!session.length) {
+        session.push(
+          "$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession"
+        );
+      }
+      session.push(
+        `$session.Cookies.Add((New-Object System.Net.Cookie(${escapeStr(
+          name
+        )}, ${escapeStr(value)}, "/", ${escapeStr(
+          domain || new URL(url).host
+        )})))`
+      );
+    }
+
+    parameters.push(`-Uri ${escapeStr(url)}`);
+
+    if (method !== "GET") {
+      parameters.push(`-Method ${method}`);
+    }
+
+    if (session.length) {
+      parameters.push("-WebSession $session");
+    }
+
+    const userAgent = headers.find(
+      ({ name }) => name.toLowerCase() === "user-agent"
+    );
+    if (userAgent) {
+      parameters.push("-UserAgent " + escapeStr(userAgent.value));
+    }
+
+    const headersStr = [];
+    for (let { name, value } of headers) {
+      // Translate any HTTP2 pseudo headers to HTTP headers
+      name = name.replace(/^:/, "");
+
+      if (IGNORED_HEADERS.includes(name.toLowerCase())) {
+        continue;
+      }
+      headersStr.push(`${escapeStr(name)} = ${escapeStr(value)}`);
+    }
+    if (headersStr.length) {
+      parameters.push(`-Headers @{\n${headersStr.join("\n  ")}\n}`);
+    }
+
+    const contentType = headers.find(
+      header => header.name.toLowerCase() === "content-type"
+    );
+    if (contentType) {
+      parameters.push("-ContentType " + escapeStr(contentType.value));
+    }
+
+    const formData = postData.text;
+    if (formData) {
+      // Encode bytes if any of the characters is not an ASCII printing character (not between Space character and ~ character)
+      // a-zA-Z0-9 etc. See http://www.asciitable.com/
+      const body = /[^\x20-\x7E]/.test(formData)
+        ? "([System.Text.Encoding]::UTF8.GetBytes(" + escapeStr(formData) + "))"
+        : escapeStr(formData);
+      parameters.push("-Body " + body);
+    }
+
+    return `${
+      session.length ? session.join("\n").concat("\n") : ""
+      // -UseBasicParsing is added for backward compatibility.
+      // See https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/invoke-webrequest?view=powershell-7.2#-usebasicparsing
+    }Invoke-WebRequest -UseBasicParsing ${parameters.join(" `\n")}`;
+  },
+};
+
+exports.PowerShell = PowerShell;

devtools/client/netmonitor/src/widgets/RequestListContextMenu.js

@@ -30,6 +30,12 @@ loader.lazyRequireGetter(
   "resource://devtools/shared/DevToolsUtils.js",
   true
 );
+loader.lazyRequireGetter(
+  this,
+  "PowerShell",
+  "resource://devtools/client/netmonitor/src/utils/powershell.js",
+  true
+);
 loader.lazyRequireGetter(
   this,
   "copyString",
@@ -171,6 +177,16 @@ class RequestListContextMenu {
       });
     }
 
+    copySubMenu.push({
+      id: "request-list-context-copy-as-powershell",
+      label: L10N.getStr("netmonitor.context.copyAsPowerShell"),
+      accesskey: L10N.getStr("netmonitor.context.copyAsPowerShell.accesskey"),
+      // Menu item will be visible even if data hasn't arrived, so we need to check
+      // *Available property and then fetch data lazily once user triggers the action.
+      visible: !!clickedRequest,
+      click: () => this.copyAsPowerShell(clickedRequest),
+    });
+
     copySubMenu.push({
       id: "request-list-context-copy-as-fetch",
       label: L10N.getStr("netmonitor.context.copyAsFetch"),
@@ -542,6 +558,39 @@ class RequestListContextMenu {
     copyString(Curl.generateCommand(data, platform));
   }
 
+  async copyAsPowerShell(request) {
+    let {
+      id,
+      url,
+      method,
+      requestHeaders,
+      requestPostData,
+      requestCookies,
+    } = request;
+
+    requestHeaders =
+      requestHeaders ||
+      (await this.props.connector.requestData(id, "requestHeaders"));
+
+    requestPostData =
+      requestPostData ||
+      (await this.props.connector.requestData(id, "requestPostData"));
+
+    requestCookies =
+      requestCookies ||
+      (await this.props.connector.requestData(id, "requestCookies"));
+
+    return copyString(
+      PowerShell.generateCommand(
+        url,
+        method,
+        requestHeaders.headers,
+        requestPostData.postData,
+        requestCookies.cookies || requestCookies
+      )
+    );
+  }
+
   /**
    * Generate fetch string
    */

devtools/client/netmonitor/test/browser.ini

@@ -152,6 +152,7 @@ skip-if =
 skip-if = (verify && debug && os == 'win')
 [browser_net_copy_as_curl.js]
 [browser_net_copy_as_fetch.js]
+[browser_net_copy_as_powershell.js]
 [browser_net_use_as_fetch.js]
 [browser_net_cors_requests.js]
 [browser_net_cyrillic-01.js]

devtools/client/netmonitor/test/browser_net_copy_as_powershell.js

@@ -0,0 +1,168 @@
+/* Any copyright is dedicated to the Public Domain.
+   http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+/**
+ * Test the Copy as PowerShell command
+ */
+add_task(async function() {
+  const { tab, monitor } = await initNetMonitor(HTTPS_CURL_URL, {
+    requestCount: 1,
+  });
+
+  info("Starting test... ");
+  info("Test powershell command for GET request without any cookies");
+  await performRequest("GET");
+  await testClipboardContentForRecentRequest(`Invoke-WebRequest -UseBasicParsing -Uri "https://example.com/browser/devtools/client/netmonitor/test/sjs_simple-test-server.sjs" \`
+-UserAgent "${navigator.userAgent}" \`
+-Headers @{
+"Accept" = "*/*"
+  "Accept-Language" = "en-US"
+  "Accept-Encoding" = "gzip, deflate, br"
+  "X-Custom-Header-1" = "Custom value"
+  "X-Custom-Header-2" = "8.8.8.8"
+  "X-Custom-Header-3" = "Mon, 3 Mar 2014 11:11:11 GMT"
+  "Referer" = "https://example.com/browser/devtools/client/netmonitor/test/html_copy-as-curl.html"
+  "Sec-Fetch-Dest" = "empty"
+  "Sec-Fetch-Mode" = "cors"
+  "Sec-Fetch-Site" = "same-origin"
+  "Pragma" = "no-cache"
+  "Cache-Control" = "no-cache"
+}`);
+
+  info("Test powershell command for GET request with cookies");
+  await performRequest("GET");
+  await testClipboardContentForRecentRequest(`$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession
+$session.Cookies.Add((New-Object System.Net.Cookie("bob", "true", "/", "example.com")))
+$session.Cookies.Add((New-Object System.Net.Cookie("tom", "cool", "/", "example.com")))
+Invoke-WebRequest -UseBasicParsing -Uri "https://example.com/browser/devtools/client/netmonitor/test/sjs_simple-test-server.sjs" \`
+-WebSession $session \`
+-UserAgent "${navigator.userAgent}" \`
+-Headers @{
+"Accept" = "*/*"
+  "Accept-Language" = "en-US"
+  "Accept-Encoding" = "gzip, deflate, br"
+  "X-Custom-Header-1" = "Custom value"
+  "X-Custom-Header-2" = "8.8.8.8"
+  "X-Custom-Header-3" = "Mon, 3 Mar 2014 11:11:11 GMT"
+  "Referer" = "https://example.com/browser/devtools/client/netmonitor/test/html_copy-as-curl.html"
+  "Sec-Fetch-Dest" = "empty"
+  "Sec-Fetch-Mode" = "cors"
+  "Sec-Fetch-Site" = "same-origin"
+  "Pragma" = "no-cache"
+  "Cache-Control" = "no-cache"
+}`);
+
+  info("Test powershell command for POST request with post body");
+  await performRequest("POST", "Plaintext value as a payload");
+  await testClipboardContentForRecentRequest(`$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession
+$session.Cookies.Add((New-Object System.Net.Cookie("bob", "true", "/", "example.com")))
+$session.Cookies.Add((New-Object System.Net.Cookie("tom", "cool", "/", "example.com")))
+Invoke-WebRequest -UseBasicParsing -Uri "https://example.com/browser/devtools/client/netmonitor/test/sjs_simple-test-server.sjs" \`
+-Method POST \`
+-WebSession $session \`
+-UserAgent "${navigator.userAgent}" \`
+-Headers @{
+"Accept" = "*/*"
+  "Accept-Language" = "en-US"
+  "Accept-Encoding" = "gzip, deflate, br"
+  "X-Custom-Header-1" = "Custom value"
+  "X-Custom-Header-2" = "8.8.8.8"
+  "X-Custom-Header-3" = "Mon, 3 Mar 2014 11:11:11 GMT"
+  "Origin" = "https://example.com"
+  "Referer" = "https://example.com/browser/devtools/client/netmonitor/test/html_copy-as-curl.html"
+  "Sec-Fetch-Dest" = "empty"
+  "Sec-Fetch-Mode" = "cors"
+  "Sec-Fetch-Site" = "same-origin"
+  "Pragma" = "no-cache"
+  "Cache-Control" = "no-cache"
+} \`
+-ContentType "text/plain;charset=UTF-8" \`
+-Body "Plaintext value as a payload"`);
+
+  info(
+    "Test powershell command for POST request with post body which contains ASCII non printing characters"
+  );
+  await performRequest("POST", `TAB character included in payload \t`);
+  await testClipboardContentForRecentRequest(`$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession
+$session.Cookies.Add((New-Object System.Net.Cookie("bob", "true", "/", "example.com")))
+$session.Cookies.Add((New-Object System.Net.Cookie("tom", "cool", "/", "example.com")))
+Invoke-WebRequest -UseBasicParsing -Uri "https://example.com/browser/devtools/client/netmonitor/test/sjs_simple-test-server.sjs" \`
+-Method POST \`
+-WebSession $session \`
+-UserAgent "${navigator.userAgent}" \`
+-Headers @{
+"Accept" = "*/*"
+  "Accept-Language" = "en-US"
+  "Accept-Encoding" = "gzip, deflate, br"
+  "X-Custom-Header-1" = "Custom value"
+  "X-Custom-Header-2" = "8.8.8.8"
+  "X-Custom-Header-3" = "Mon, 3 Mar 2014 11:11:11 GMT"
+  "Origin" = "https://example.com"
+  "Referer" = "https://example.com/browser/devtools/client/netmonitor/test/html_copy-as-curl.html"
+  "Sec-Fetch-Dest" = "empty"
+  "Sec-Fetch-Mode" = "cors"
+  "Sec-Fetch-Site" = "same-origin"
+  "Pragma" = "no-cache"
+  "Cache-Control" = "no-cache"
+} \`
+-ContentType "text/plain;charset=UTF-8" \`
+-Body ([System.Text.Encoding]::UTF8.GetBytes("TAB character included in payload $([char]9)"))`);
+
+  async function performRequest(method, payload) {
+    const waitRequest = waitForNetworkEvents(monitor, 1);
+    await SpecialPowers.spawn(
+      tab.linkedBrowser,
+      [
+        {
+          url: HTTPS_SIMPLE_SJS,
+          method_: method,
+          payload_: payload,
+        },
+      ],
+      async function({ url, method_, payload_ }) {
+        content.wrappedJSObject.performRequest(url, method_, payload_);
+      }
+    );
+    await waitRequest;
+  }
+
+  async function testClipboardContentForRecentRequest(expectedClipboardText) {
+    const { document } = monitor.panelWin;
+
+    const items = document.querySelectorAll(".request-list-item");
+    EventUtils.sendMouseEvent({ type: "mousedown" }, items[items.length - 1]);
+    EventUtils.sendMouseEvent(
+      { type: "contextmenu" },
+      document.querySelectorAll(".request-list-item")[0]
+    );
+
+    /* Ensure that the copy as fetch option is always visible */
+    const copyAsPowerShellNode = getContextMenuItem(
+      monitor,
+      "request-list-context-copy-as-powershell"
+    );
+    is(
+      !!copyAsPowerShellNode,
+      true,
+      'The "Copy as PowerShell" context menu item should not be hidden on windows'
+    );
+
+    await waitForClipboardPromise(
+      async function setup() {
+        copyAsPowerShellNode.click();
+      },
+      function validate(result) {
+        if (typeof result !== "string") {
+          return false;
+        }
+        return expectedClipboardText == result;
+      }
+    );
+
+    info(
+      "Clipboard contains a powershell command for item " + (items.length - 1)
+    );
+  }
+});