带有清单版本 2 的 CORS Chrome 扩展 [英] CORS Chrome Extension with manifest version 2

问题描述

在编写 google chrome 扩展时可以使用 CORS 吗?

Is it possible to use CORS when writing a google chrome extension?

我看到了，http://developer.chrome.com/extensions/contentSecurityPolicy.html

我尝试将其插入清单中，"content_security_policy": "script-src 'self' https://twitter.com/; object-src 'self'",

And I tried inserting this into the manifest, "content_security_policy": "script-src 'self' https://twitter.com/; object-src 'self'",

但是一个 ajax 请求失败了XMLHttpRequest 无法加载 https://twitter.com/.Access-Control-Allow-Origin 不允许 Origin chrome-extension://olimhkjfpndfhdopbneamnekfalckinc.

but an ajax requestion fails with XMLHttpRequest cannot load https://twitter.com/. Origin chrome-extension://olimhkjfpndfhdopbneamnekfalckinc is not allowed by Access-Control-Allow-Origin.

推荐答案

启用跨域 Ajax 从你的扩展到 Twitter，你只需要在你的清单中列出 Twitter 作为主机权限:

To enable cross-origin Ajax from your extension to Twitter, you simply need to list Twitter as a host permission in your manifest:

...
"permissions": [
    "*://*.twitter.com/*"
],
...

这篇关于带有清单版本 2 的 CORS Chrome 扩展的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！