Edit HTTP Request header with WebView2

Question

I am using the new WebView2 control that has recently been released for .NET and I need to add an authorization value to the request header when navigating to a site but am unable to find a way to do it. Since this is control is relatively new and my first time using it, I could also be completely missing the method that actually does this.

The only information I can find so far is found in the c++ documentation: ICoreWebView2HttpRequestHeaders

It specifically says

Used to inspect the HTTP request on WebResourceRequested event and NavigationStarting event. Note, you can modify the HTTP request headers from a WebResourceRequested event, but not from a NavigationStarting event.

This event is available in .NET and I am able to catch it and see the request headers but they don't seem editable or at least I am trying to edit them incorrectly. After I try to edit the header, the authorization property is still null and is not passed through with the request.

private void CoreWebView2_WebResourceRequested(object sender, Microsoft.Web.WebView2.Core.CoreWebView2WebResourceRequestedEventArgs e)
{
    var authHeaderValue = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", "the_token_value");
    e.Request.Headers.Authorization = authHeaderValue;
}

What is the correct way, if there is a way, to set this value as you cannot seem to modify the eventargs directly. It's also very likely I could be using this event wrong.

Any assistance is appreciated.

Answer 1

You can use

private void Navigate(string url, string uriAdditionalHeader)
{
  var httpMethodName = "GET"; // or "POST". As of now only GET and POST is supported as part of NavigateWithWebResourceRequest.

  var resourceRequest = this.coreWebView2.Environment.CreateWebResourceRequest(url, "GET", Stream.Null, **uriAdditionalHeader**);
  this.coreWebView2.NavigateWithWebResourceRequest(resourceRequest);
                
}

Answer 2

WebResourceRequested event is raised when the WebView is performing a URL request to a matching URL and resource context filter that was added with AddWebResourceRequestedFilter.

In the following code example, I handled the basic authentication which can be tested by guest as username and password for this url: https://jigsaw.w3.org/HTTP/Basic/

private async void Form1_Load(object sender, EventArgs e)
{
    var authData = System.Text.Encoding.UTF8.GetBytes("guest:guest");
    var authHeader = $"Basic {Convert.ToBase64String(authData)}";

    await webView21.EnsureCoreWebView2Async();
    webView21.CoreWebView2.AddWebResourceRequestedFilter("https://jigsaw.w3.org/*", 
        Microsoft.Web.WebView2.Core.CoreWebView2WebResourceContext.All);

    webView21.CoreWebView2.WebResourceRequested += (obj, args) =>
    {
        args.Request.Headers.SetHeader("Authorization", authHeader);
    };
    webView21.CoreWebView2.Navigate("https://jigsaw.w3.org/HTTP/Basic/");
}

Answer 3

The reason is that the WebResourceRequested event has various issues that Microsoft are hopefully going to fix and the inability to amend the headers has been reported (see below).

For example:

Unable to set headers in WebResourceRequested event handler (which is the same link given in Nic's answer)

Setting Response in WebResourceRequested event fails

Cannot set headers or cookies in WebResourceRequested event fails

which is also partly mentioned here: Support for getting and setting cookies in WebView2 control

So in conclusion, you have coded it the correct way, but you won't be able to set the authorisation header from within WebResourceRequested until it is fixed by Microsoft.

I appreciate that this answer doesn't provide a solution, but I hope it does at least answer the question as to why the code currently doesn't work.

Answer 4

This is a known bug on WebView2 currently being worked on: https://github.com/MicrosoftEdge/WebViewFeedback/issues/259

If you find more bugs like this in the future feel free to open issues on the feedback repo: https://github.com/MicrosoftEdge/WebViewFeedback/issues

Thanks!