我创建了一个chrome插件,该插件可以检测锚点检测器,并将锚点背景突出显示为红色。对于某些链接,即使它存在于同一域或外部链接中也显示为CORS错误。
请找到以下代码。
document.getElementById("test").addEventListener('click', () => {
console.log("Popup DOM fully loaded and parsed");
function CheckLinks(lnks) {
Object.keys(lnks).map(function(key) {
return [lnks[key].href, lnks[key].parentElement];
}).map((a) => {
if(a[0].indexOf('javascript') === -1 && a[0].indexOf('mailto') === -1){
UrlExists(a[0], 'GET', '', (exists) => {
if(!exists){
a[1].style.background = "Red";
}
}, (errorText) => {
console.log(errorText);
});
}
});
}
function modifyDOM() {
function UrlExists(url, method, data, callback, errback) {
var req;
if(XMLHttpRequest) {
req = new XMLHttpRequest();
if('withCredentials' in req) {
req.open(method, url, true);
req.onerror = errback;
req.onreadystatechange = function() {
if (req.readyState === 4) {
if (req.status >= 200 && req.status < 400) {
callback(true);
} else {
callback(false);
}
}
};
req.setRequestHeader("Access-Control-Allow-Origin",true);
req.send(data);
}
} else if(XDomainRequest) {
req = new XDomainRequest();
req.open(method, url);
req.onerror = errback;
req.onload = function() {
callback(true);
};
req.send(data);
} else {
errback('CORS not supported');
}
}
//You can play with your DOM here or check URL against your regex
console.log('Tab script:');
console.log(document.links);
Object.keys(document.links).map(function(key) {
return [document.links[key].href, document.links[key].parentElement];
}).map((a) => {
if(a[0].indexOf('javascript') === -1){
UrlExists(a[0], 'GET', '', (exists) => {
if(!exists){
a[1].style.background = "Red";
}
}, (errorText) => {
console.log(errorText);
});
}
});
}
//We have permission to access the activeTab, so we can call chrome.tabs.executeScript:
chrome.tabs.executeScript({
code: '(' + modifyDOM + ')();' //argument here is a string but function.toString() returns function's code
}, (results) => {
//Here we have just the innerHTML and not DOM structure
console.log('Popup script:')
console.log(results[0]);
//CheckLinks(results[0]);
});
});
一些错误
对预检请求的响应未通过访问控制检查:否 请求中存在“ Access-Control-Allow-Origin”标头 资源。
无法加载https://portal.office.com/account/#security:响应 飞行前检查无效(重定向)