google-chrome – Chrome extension: server requests

Question:

There is an extension, there is a regular AJAX-запрос (in pure JS ) to the server.

Q: why is the request being sent? Dispatched despite the fact that I do NOT have the Access-Control-Allow-Origin header on my server.

And if you run this file locally, then it gives an error:

XMLHttpRequest cannot load {url}. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

Answer:

The Extensions API has been specifically designed with this capability in mind. XHR requests from extensions are not limited by the same origin policy .

You can read more about this in the English documentation for Chrome Extensions: Cross-Origin XMLHttpRequest

You just need to correctly specify permissions in manifest.json.

Scroll to Top