I have a Tampermonkey addon contacting my local dev server using Websockets. This doesn't work and throw the following error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://127.0.0.1:3000/socket.io/?EIO=3&transport=polling&t=N9Bvvb3. (Reason: CORS request did not succeed).
So I tried the first three Addons found by a search by CORS:
- https://addons.mozilla.org/de/firefox/addon/cors-unblock/?src=search
- https://addons.mozilla.org/de/firefox/addon/cross-domain-cors/?src=search
- https://addons.mozilla.org/de/firefox/addon/cors-everywhere/?src=search
None of them seems to work. How can I fix this?
I know the security minds behind CORS. Since my software targets developers and is only be used locally, I don't need it. So I'm searching for an easy solution to allow my tampermonkey script to connect to localhost when accessing a web page like https://example.com.
I also tried different things on the server side to make CORS properly work like this or this, but still getting the error.
Server
let app = express();
app.use(express.static(path.resolve(`${__dirname}/../dist`)));
const certDir = "certs";
let httpOpts = {
key: fs.readFileSync(`${certDir}/localhost.key`),
cert: fs.readFileSync(`${certDir}/localhost.crt`),
requestCert: false,
rejectUnauthorized: false
};
var http = require("https").createServer(httpOpts, app);
var io = require("socket.io")(http);
Tampermonkey client scirpt
const localDevUrl = "https://127.0.0.1:3000";
this.socket = io(localDevUrl, { secure: true });
