问题
I'm making a Chrome extension which pulls data from my own server. It uses about 4 httpRequests at a time, but sometimes I get console error as follows:
XMLHttpRequest cannot load http://apps.radionsm.lv/apps/system/index.php?request=now. Origin chrome-extension://egkddfmbidfobhchndockbhjancbpfkd is not allowed by Access-Control-Allow-Origin. for everyone sometimes no.
If I send header('Access-Control-Allow-Origin: *'); will this fix it?
回答1:
https://developer.chrome.com/extensions/xhr
Read through that documentation and check that your permissions have been setup correctly.
回答2:
You're trying to do cross origin resource sharing (CORS). The bad news is that without a server as a middle man there is no way to do this on a normal web page. The good news is that in a chrome extension you can request permission to access any url's you want. Just put something like this in your manifest.json file.
Allow connections to your site:
"permissions": [
"http://*.radionsm.lv/"
],
Allow connections to any site:
"permissions": [
"http://*/"
],
When the user installs your extension chrome will inform them of the permissions required in a dialogue box prior to the completion of the install.
回答3:
Chrome Extensions have two "modes" when making cross-domain XHR requests:
1) If the domain is in the "permissions" section of the manifest.json file - The request doesn't have an "Origin" header, and it always succeeds.
2) If the domain is not in "permissions" - The request includes an "Origin" header with the value "chrome-extension://..." This indicates that the request is a CORS request, and the response must have a valid Access-Control-Allow-Origin header in order to succeed.
来源:https://stackoverflow.com/questions/7056156/access-control-allow-origin-on-chrome-extension