louis/gigafibre-fsm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(cogeco-checker): disable browser cache to rule it out as 401 cause

Browse Source 
Tested the hypothesis that a warm Chromium cache (the register GET being
re-served stale) was causing the protected address/search 401. Disabled
the HTTP cache (CDP Network.setCacheDisabled), the on-disk cache
(--disk-cache-size=0) and service workers (serviceWorkers:'block').

Result: identical trace — register=200 (freshly minted, not cached),
autocomplete=200, address/search=401. So cache was NOT the cause; the
401 is a server-side authorization decision on the protected endpoint
(reCAPTCHA Enterprise assertion required). Keeping the cache-disable as
hygiene + to definitively rule it out in future debugging.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
louispaulb 2026-06-01 21:47:19 -04:00
parent 68ba64c47b
commit 5bc42bda9f
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
services/cogeco-checker/lib/cogeco-session.js
View File

@ -52,7 +52,10 @@ async function getBrowser () {
if (_browser && _browser.isConnected()) return _browser
_browser = await chromium.launch({
headless: true,
args: ['--no-sandbox', '--disable-dev-shm-usage', '--disable-blink-features=AutomationControlled'],
args: [
'--no-sandbox', '--disable-dev-shm-usage', '--disable-blink-features=AutomationControlled',
'--disk-cache-size=0', '--media-cache-size=0', // no on-disk HTTP cache
],
})
return _browser
}
@ -122,8 +125,21 @@ async function checkAddress (address, { debug = false } = {}) {
locale: 'en-CA',
userAgent: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36',
viewport: { width: 1280, height: 900 },
serviceWorkers: 'block', // a SW could intercept/cache the register + API calls
})
const page = await ctx.newPage()
// DISABLE the HTTP cache for this session. /boutique/api/register is a GET,
// so a warm Chromium cache can re-serve an already-consumed/expired token
// instead of letting the page mint a fresh one — which makes the protected
// address/search call 401 even though register "succeeded". Forcing every
// request (incl. register) onto the network keeps the token fresh. CDP is
// Chromium-only; best-effort (don't fail the check if it's unavailable).
try {
const cdp = await ctx.newCDPSession(page)
await cdp.send('Network.setCacheDisabled', { cacheDisabled: true })
} catch { /* CDP unavailable under this driver — continue uncached-best-effort */ }
const captured = []
// Track the serviceability call specifically; keep the best (200 wins over 401).
let serviceResp = null