php chrome 扩展上的 Access-Control-Allow-Origin
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7056156/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Access-Control-Allow-Origin on chrome extension
提问by Raimonds
I'm making a Chrome extension which pulls data from my own server. It uses about 4 httpRequests at a time, but sometimes I get console error as follows:
我正在制作一个 Chrome 扩展程序,它从我自己的服务器中提取数据。它一次使用大约 4 个 httpRequest,但有时我会收到如下控制台错误:
XMLHttpRequest cannot load http://apps.radionsm.lv/apps/system/index.php?request=now. Origin chrome-extension://egkddfmbidfobhchndockbhjancbpfkd is not allowed by Access-Control-Allow-Origin.for everyone sometimes no.
XMLHttpRequest cannot load http://apps.radionsm.lv/apps/system/index.php?request=now. Origin chrome-extension://egkddfmbidfobhchndockbhjancbpfkd is not allowed by Access-Control-Allow-Origin.对于每个人有时没有。
If I send header('Access-Control-Allow-Origin: *');will this fix it?
如果我发送,header('Access-Control-Allow-Origin: *');这会解决吗?
采纳答案by Alasdair
https://developer.chrome.com/extensions/xhr
https://developer.chrome.com/extensions/xhr
Read through that documentation and check that your permissions have been setup correctly.
通读该文档并检查您的权限是否已正确设置。
回答by Eamonn
You're trying to do cross origin resource sharing (CORS). The bad news is that without a server as a middle man there is no way to do this on a normal web page. The good news is that in a chrome extension you can request permission to access any url's you want. Just put something like this in your manifest.json file.
您正在尝试进行跨源资源共享 (CORS)。坏消息是,如果没有服务器作为中间人,就无法在普通网页上做到这一点。好消息是,在 chrome 扩展程序中,您可以请求访问任何您想要的 url 的权限。只需在您的 manifest.json 文件中放入类似的内容即可。
Allow connections to your site:
允许连接到您的站点:
"permissions": [
"http://*.radionsm.lv/"
],
Allow connections to any site:
允许连接到任何站点:
"permissions": [
"http://*/"
],
When the user installs your extension chrome will inform them of the permissions required in a dialogue box prior to the completion of the install.
当用户安装您的扩展程序时,chrome 会在安装完成之前在对话框中通知他们所需的权限。
回答by monsur
Chrome Extensions have two "modes" when making cross-domain XHR requests:
Chrome 扩展在发出跨域 XHR 请求时有两种“模式”:
1) If the domain is in the "permissions" section of the manifest.json file - The request doesn't have an "Origin" header, and it always succeeds.
1) 如果域在 manifest.json 文件的“权限”部分 - 请求没有“源”标头,它总是成功。
2) If the domain is not in "permissions" - The request includes an "Origin" header with the value "chrome-extension://..." This indicates that the request is a CORS request, and the response must have a valid Access-Control-Allow-Origin header in order to succeed.
2) 如果域不在“权限”中 - 请求包含一个值为“chrome-extension://...”的“Origin”标头,这表明该请求是 CORS 请求,并且响应必须具有有效的 Access-Control-Allow-Origin 标头才能成功。
