fix: add referer headers to api calls

scripts/generate-manifest.js

@@ -16,7 +16,7 @@ const manifest = {
   author: 'Hiro PBC',
   description:
     'Hiro Wallet is a safe way to manage your STX, sign into apps, and protect your funds while interacting with Clarity smart contracts.',
-  permissions: ['contextMenus', 'storage'],
+  permissions: ['contextMenus', 'storage', 'webRequest', 'webRequestBlocking', '*://*/*'],
   manifest_version: 2,
   background: {
     scripts: ['background.js'],

src/app/index.tsx

@@ -2,15 +2,17 @@ import ReactDOM from 'react-dom';
 
 import { persistAndRenderApp } from '@app/common/persistence';
 import { initSentry } from '@shared/utils/sentry-init';
+import { InternalMethods } from '@shared/message-types';
+import { addRefererHeaderRequestListener } from '@shared/add-referer-header';
+
+import { inMemoryKeyActions } from './store/in-memory-key/in-memory-key.actions';
 import { initSegment } from './common/segment-init';
 import { store } from './store';
-import { InternalMethods } from '@shared/message-types';
-import { inMemoryKeyActions } from './store/in-memory-key/in-memory-key.actions';
-
 import { App } from './app';
 
 initSentry();
 void initSegment();
+addRefererHeaderRequestListener();
 
 declare global {
   interface Window {

src/background/background.ts

@@ -9,6 +9,7 @@ import * as Sentry from '@sentry/react';
 
 import { storePayload, StorageKey } from '@shared/utils/storage';
 import { RouteUrls } from '@shared/route-urls';
+import { addRefererHeaderRequestListener } from '@shared/add-referer-header';
 import { initSentry } from '@shared/utils/sentry-init';
 import {
   CONTENT_SCRIPT_PORT,
@@ -27,6 +28,7 @@ initSentry();
 
 initContextMenuActions();
 backupOldWalletSalt();
+addRefererHeaderRequestListener();
 
 //
 // Playwright does not currently support Chrome extension popup testing:

src/shared/add-referer-header.ts

@@ -0,0 +1,23 @@
+function formatInitiator(initiator: string) {
+  const [protocol, host] = initiator.split('://');
+  return [protocol, '://hiro-web-extension.', host].join('');
+}
+
+export function addRefererHeaderRequestListener() {
+  const handler = (details: chrome.webRequest.WebRequestHeadersDetails) => {
+    if (!details.requestHeaders) return;
+    const headers = [...details.requestHeaders];
+    if (details.initiator === `chrome-extension://${chrome.runtime.id}`) {
+      headers.push({ name: 'Referer', value: formatInitiator(details.initiator) });
+    }
+    return { requestHeaders: headers };
+  };
+  chrome.webRequest.onBeforeSendHeaders.addListener(
+    handler,
+    {
+      urls: ['https://*.stacks.co/*'],
+    },
+    ['requestHeaders', 'blocking', 'extraHeaders']
+  );
+  return () => chrome.webRequest.onBeforeSendHeaders.removeListener(handler);
+}