[BEEEP] [PM-2844] Add 'Accept-Language' header to ApiService requests with value obtained from i18nService

[r-tome]

…

🎟️ Tracking

📔 Objective

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – c4813c99-e6da-461d-8328-779b5d50a1bf

New Issues (19)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2024-52798	Npm-path-to-regexp-0.1.10	Vulnerable Package
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1166	details Method buildCipherDetailsElement at line 1166 of /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts sends user ... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 130	details Method initAutofillInlineMenuList at line 130 of /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts sends user ... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 86	details Method initAutofillInlineMenuList at line 86 of /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts sends user i... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 38	details Method at line 38 of /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts sends user information outside the app... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 130	details Method initAutofillInlineMenuList at line 130 of /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts sends user ... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/vault/popup/components/vault/attachments.component.html: 25	details Method attachments_component at line 25 of /apps/browser/src/vault/popup/components/vault/attachments.component.html sends user information outside... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/vault/popup/components/vault/attachments.component.html: 25	details Method attachments_component at line 25 of /apps/browser/src/vault/popup/components/vault/attachments.component.html sends user information outside... Attack Vector
	Client_Privacy_Violation	/apps/web/src/app/auth/lock.component.ts: 20	details Method LockComponent at line 20 of /apps/web/src/app/auth/lock.component.ts sends user information outside the application. This may constitute a P... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/vault/popup/components/cipher-row.component.ts: 11	details Method app_cipher_row at line 11 of /apps/browser/src/vault/popup/components/cipher-row.component.ts sends user information outside the application... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/vault/popup/components/cipher-row.component.ts: 11	details Method app_cipher_row at line 11 of /apps/browser/src/vault/popup/components/cipher-row.component.ts sends user information outside the application... Attack Vector
	Client_Privacy_Violation	/apps/web/src/app/auth/lock.component.ts: 20	details Method at line 20 of /apps/web/src/app/auth/lock.component.ts sends user information outside the application. This may constitute a Privacy Violat... Attack Vector
	Client_Privacy_Violation	/apps/desktop/src/auth/lock.component.html: 32	details Method lock_component at line 32 of /apps/desktop/src/auth/lock.component.html sends user information outside the application. This may constitute ... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/tools/popup/generator/password-generator-history.component.html: 26	details Method password_generator_history_component at line 26 of /apps/browser/src/tools/popup/generator/password-generator-history.component.html sends u... Attack Vector
	Client_Privacy_Violation	/apps/browser/src/vault/popup/components/vault/password-history.component.html: 18	details Method password_history_component at line 18 of /apps/browser/src/vault/popup/components/vault/password-history.component.html sends user informati... Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/tools/popup/generator/password-generator-history.component.ts: 19	details The potentially tainted value provided by location in /apps/browser/src/tools/popup/generator/password-generator-history.component.ts at line 19 is... Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/vault/popup/components/vault/attachments.component.ts: 37	details The potentially tainted value provided by location in /apps/browser/src/vault/popup/components/vault/attachments.component.ts at line 37 is used as... Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/billing/popup/settings/premium.component.ts: 29	details The potentially tainted value provided by location in /apps/browser/src/billing/popup/settings/premium.component.ts at line 29 is used as a destina... Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/vault/popup/components/vault/password-history.component.ts: 23	details The potentially tainted value provided by location in /apps/browser/src/vault/popup/components/vault/password-history.component.ts at line 23 is us... Attack Vector

Fixed Issues (29)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 130
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 86
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1189
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1189
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 38
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1281
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 453
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 432
	Client_Privacy_Violation	/libs/vault/src/components/decryption-failure-dialog/decryption-failure-dialog.component.html: 17
	Client_JQuery_Deprecated_Symbols	/apps/browser/src/background/runtime.background.ts: 94

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 2 lines in your changes missing coverage. Please review.

Project coverage is 34.13%. Comparing base (1d04a0a) to head (5af754b).
Report is 174 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
libs/common/src/services/api.service.ts	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #12827      +/-   ##
==========================================
+ Coverage   33.44%   34.13%   +0.69%     
==========================================
  Files        2924     2936      +12     
  Lines       91420    90441     -979     
  Branches    17381    16990     -391     
==========================================
+ Hits        30574    30871     +297     
+ Misses      58438    57112    -1326     
- Partials     2408     2458      +50     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.