是否可以从Chrome中的内容脚本执行跨源XMLHttpRequest?

时间:2016-12-07 22:52:42

标签: javascript google-chrome google-chrome-extension xmlhttprequest cross-domain

Cross-Origin XMLHttpRequest的文档使我看起来只要我使用正确的权限就可以从通过https加载的页面访问http资源。但是在尝试此操作时,我收到以下错误消息。

content.js:1 Mixed Content: The page at 'https://www.example.com/' was loaded over HTTPS, but requested an insecure resource 'http://www.example.com/'. This request has been blocked; the content must be served over HTTPS.

清单:

{
  "name": "Test Extension",
  "version": "0.1",
  "permissions": [
    "http://www.example.com/*",
    "https://www.example.com/*",
  ],
  "content_scripts": [
    {
      "matches": [
        "http://www.example.com/*",
        "https://www.example.com/*"
      ],
      "js": ["content.js"],
      "run_at": "document_start"
    }
  ],
  "manifest_version": 2
}

content.js:

fetch('http://www.example.com/').then(response => {
    console.log('Done!')
});

1 个答案:

答案 0 :(得分:1)

你的问题不是问题。它是混合内容,即使在扩展中也无法解决。

您可以将请求移至背景页面(通过消息传递)。

相关问题
最新问题