Can I ignore CORS in a Chrome extension?

Asked Jun 19 '23 at 23:11

Active Jun 21 '23 at 06:40

Viewed 168 times

I'm working on a Google Chrome extension for site A that displays data from site B (example.com) for each page. When I try to do:

fetch('example.com')

In my Chrome extension with this in my manifest.json:

    "permissions": [
        "*://example.com/*"
    ],
    "host_permissions": [
        "*://example.com/*",
    ]

I still get this error:

Access to fetch at 'https://example.com/' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Is it possible to tell Chrome to let me make CORS requests from the extension or is there no special permission for extensions? Do I have to host a proxy? I have no control over either site.

edited Jun 21 '23 at 06:40

dakab

5,379
9
43
67

asked Jun 19 '23 at 23:11

Boris Verkhovskiy

14,854
11
100
103

Manifestv3 will make it hard, but yes it's possible, I know I was doing similar with tampermonkey for cross-browser compliance. – BGPHiJACK Jun 19 '23 at 23:14

Can I ignore CORS in a Chrome extension?

0 Answers0