0

I try to get a DA metric of some website in my chrome extension. So I am sending an XMLHttpRequest to Moz Links Api in my chrome extension, but it always jumps from readystate 2 to readystate 4 and as a result I'm receiving an empty response (though if I just paste the requested url in the browser, it all works). I've added "https://lsapi.seomoz.com/*" as a permission in my manifest file, so it shouldn't be a problem of cross-origin request. Any idea what I'm doing wrong? Below are the codes from manifest.json and content.js and a printscreen from console. Manifest.json:

{
 "name": "My Test Extension",
 "version": "1.0",
 "description": "Extension for getting DA from Moz Links Api",
 "manifest_version": 2,
 "key": "inmofflbicpabbgikeicfhdgolglgmca",
 "permissions": [
    "https://lsapi.seomoz.com/*"
     ],
 "background": {
  },
 "browser_action": {
     "default-title": "Test extension"
  },
  "content_scripts": [
    {
     "matches": [
     "https://www.google.com/*"
      ],
  "js": ["content.js",
    "lib/cryptojs/components/core-min.js", 
    "lib/cryptojs/components/enc-base64-min.js",
    "lib/cryptojs/rollups/hmac-sha1.js"
     ]
   }
 ]

}

content.js:

window.onload = function() {
function time() {
    var timestamp = Math.floor(new Date().getTime() / 1000)
    return timestamp;
}
var expires=time()+300;
var AccessID="<myAccessID>";
var baseString= AccessID+"\n"+expires;
var signingKey="<mysecretkey>";
var raw_signature = CryptoJS.HmacSHA1(baseString, signingKey);
var signature = raw_signature.toString(CryptoJS.enc.Base64);
var requestUrl = "https://lsapi.seomoz.com/linkscape/url-metrics/www.pointvisible.com?Cols=
 68719476736&AccessID="+AccessID+"&Expires="+expires+"&Signature="+signature;
var MozRequest=new XMLHttpRequest();
MozRequest.open('GET', requestUrl);
MozRequest.send();
MozRequest.onreadystatechange = function(response) {
    console.log("readystate "+MozRequest.readyState+" status "+ MozRequest.status);
    if (MozRequest.readyState === 4 && MozRequest.status == 200) {
        try{
            console.log('try readystate 4', response);
            console.log(MozRequest.responseType);
            console.log(MozRequest.status+':'+MozRequest.statusText);
            console.log(MozRequest.response);
            var res=JSON.parse(MozRequest.responseText);
            console.log(res);
            var DA=res["pda"];
            console.log(DA);
        } catch(e){
            console.log(e)
        }
    }
  }
}

printscreen from console: console printscreen

Evgeniya
  • 11
  • 2
  • Content scripts can't make cross-origin requests in modern Chrome. Do it in the background script. – wOxxOm Aug 24 '20 at 07:31
  • wOxxOm, how can I check if it's working in the background script? I can't see anything in the console. I'm trying to make a request from background script, set a variable in local storage with received value and then retrieve this variable in content script, but it seems that variable wasn't set, which means I didn't receive a response in my XMLHttpRequest again – Evgeniya Aug 24 '20 at 09:44
  • Use [messaging](https://www.chromium.org/Home/chromium-security/extension-content-script-fetches#TOC-2.-Avoid-Cross-Origin-Fetches-in-Content-Scripts), see also [Where to read console messages from background.js in a Chrome extension?](https://stackoverflow.com/q/10257301) – wOxxOm Aug 24 '20 at 09:51
  • Never mind, I've figured it out - the problem was that I retrieved variable from local storage at a wrong stage. It seems that my XMLHttpRequest works in the background script! Thanks for your help and for the link about console messages - I'll need it. – Evgeniya Aug 24 '20 at 10:03

0 Answers0