Cross-origin XHR from a user script in Google Chro

2019-01-09 10:32发布

站内问答 / 前端开发
1666 2 6

Has anybody had any luck performing cross origin XHRs from a user script in Google Chrome? The requests go through to the server (I can see them in the logs) but, the readystatechanged event is never fired.

Extension permissions don't seem to be doing the trick. Neither is JSONP.

2条回答
家丑人穷心不美
2楼-- · 2019-01-09 10:58

As of Chrome 13, you can do cross origin requests in Content Scripts if you included the permission to the website in the manifest.

A user script in Chrome is a content script. Content scripts cannot make cross-origin XHRs. If you wish to do cross-origin XHRs, it should be done in the extension pages (background, popup, options).

For more info: http://code.google.com/chrome/extensions/content_scripts.html http://code.google.com/chrome/extensions/xhr.html

查看更多
0人赞 添加讨论(0) 举报
迷人小祖宗
3楼-- · 2019-01-09 11:08

Current versions of Chrome (13.0.781 or later) now support most or all of the GM_xmlhttpRequest()Doc functionality -- including cross-domain requests.
See Issue 18857: Support cross-site XMLHttpRequest in content scripts.

So this script works perfectly fine now on Chrome (and Firefox, of course): 

// ==UserScript==
// @name            _Cross domain (XSS) GM_xmlhttpRequest, Chrome too
// @include         http://stackoverflow.com/*
// @grant           GM_xmlhttpRequest
// ==/UserScript==

GM_xmlhttpRequest ( {
    method:     "GET",
    url:        "http://www.google.com/",
    onload:     function (response) {
                    console.log (   response.status,
                                    response.responseText.substring (0, 80)
                                );
                }
} );


(Install that script, then browse any SO page. The script will write the first 80 characters of the Google home page to the console.)

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)