Bug in sending events based on XMLHttpRequest.prototype.send
In Sender.ts, private _xhrSender(payload: string, isAsync: boolean) method:
The line var xhr = new XMLHttpRequest(); relies on an existing xhr object may be overriden in some properties.
For instance, if I override XMLHttpRequest.prototype.send(), I could break the sending flow of events.
I saw this happen in JIRA (Atalassian) with appInsights.
This is a functionality issue as well as a security issue.
The appInsights JS code should obtain the original send() code or save the prototype.send at the start of the code (to at list avoid changes during runtime)
Guy Lewin commented
Is there anything new with this? Our product relies on this solution and we're currently making workarounds