Skip to content

Instantly share code, notes, and snippets.

@ku

ku/README.md

Last active February 14, 2018 03:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ku/adf3b4fd315256e0a4ff76e63dd1f24a to your computer and use it in GitHub Desktop.
Save ku/adf3b4fd315256e0a4ff76e63dd1f24a to your computer and use it in GitHub Desktop.
Download ZIP
chrome extension allows all CORS
Raw
README.md
  1. clone this gist
  2. edit "permissions" of manifest.json to fit your environment
  3. open chrome://extensions/
  4. click "Load unpacked extension..."
  5. select the directory where the files are placed
  6. chrome no longer prohibits CORS requests in permitted domains

Popsicle icon is by Lee dessert Collection | Noun Project licensed as Creative Commons CCBY.

Raw
content.js
document.addEventListener('INSECURE_CORS_REQUEST', (ev) => {
let {method, url, params, sequence} = ev.detail
if (method === "GET") {
if (params) {
const q = Object.keys(params).map( (k) => {
const v = params[k]
return [k, v].map(encodeURIComponent).join('=')
}).join('&')
url = url + "?" + q
}
}
fetch(url).then( response => response.json() ).then( response => {
const ev = new CustomEvent('INSECURE_CORS_RESPONSE', {
detail: { response, sequence }
})
document.dispatchEvent(ev)
})
}, false)
Raw
manifest.json
{
"version": "0.4.1",
"manifest_version": 2,
"background": {
"scripts": ["background.js"],
"persistent": false
},
"browser_action": {
},
"description": "cors",
"icons": {
"128": "icon128.png",
"16": "icon16.png",
"32": "icon32.png",
"64": "icon64.png"
},
"name": "cors",
"content_scripts" : [{
"matches" : ["http://localhost:3000/*"],
"css" : [],
"js" : [
"content.js"
],
"run_at" : "document_start",
"all_frames" : true
}],
"commands": {
},
"permissions": [ "tabs",
"http://localhost:3000/*",
"https://remote-domain.example.com/*"
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment