
Chrome Extension: how to change origin in AJAX request header?

I'm trying to manually set an origin in an ajax request header. In my background.js, I have this

var ajaxResponse;
$.ajax({
    type:'POST',
    url:'www.somewebsite.com/login/login.asp',
    headers:{
            'origin': 'https://www.somewebsite.com'
    },
    success: function(response){
        ajaxResponse = response;
    }
});

As you can see, the origin is changed. But when this Chrome extension gets executed, the origin gets overridden to chrome-extension://iphajdjhoofhlpldiilkujgommcolacc and the console gives the error 'Refused to set unsafe header "origin"'.

I've followed the Chrome API (http://developer.chrome.com/extensions/xhr.html), and already set the permission as follows:

"permissions": [
     "https://www.somewebsite.com/*"
 ],

Does anyone know how to properly set the origin in header? Thanks!

Maria asked Jan 01 '14 00:01




1 Answer

You probably misinterpreted the docs:
"the extension can request access to remote servers outside of its origin"

This means that the extension can send the request to the remote servers (i.e. the browser itself will not block the request as would happen with a normal web-page's JS).
This does not mean that the extension will be allowed to send arbitrary headers along with the request nor that the remote server will respond to the request.


So, if the remote server requires a specific value for the Origin header, then there is nothing you can do, since according to the specs you are not allowed to set the Origin header (and this limitation also holds for extensions).

gkalpak answered Oct 05 '22 23:10
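
Why the console prints that error, as an added example (not code from the question or the answer): a sketch of the forbidden-header check that the Fetch Standard defines and that browsers apply when a script sets request headers. The helper names are hypothetical and the name list is abridged from the standard.

```javascript
// Added example: models the browser-side check that rejects script-set
// headers such as Origin. Helper names are hypothetical, not a browser API.

// Abridged list of header names only the browser itself may set
// (Fetch Standard, "forbidden request-header").
const FORBIDDEN_NAMES = new Set([
  'accept-charset', 'accept-encoding', 'access-control-request-headers',
  'access-control-request-method', 'connection', 'content-length', 'cookie',
  'date', 'dnt', 'expect', 'host', 'keep-alive', 'origin', 'referer',
  'te', 'trailer', 'transfer-encoding', 'upgrade', 'via',
]);
// Any header starting with one of these prefixes is also reserved.
const FORBIDDEN_PREFIXES = ['proxy-', 'sec-'];

function isForbiddenHeaderName(name) {
  const lower = String(name).toLowerCase(); // header names are case-insensitive
  return FORBIDDEN_NAMES.has(lower) ||
         FORBIDDEN_PREFIXES.some((prefix) => lower.startsWith(prefix));
}

// Split a jQuery-style `headers` object into the headers that would be sent
// and the console messages for the ones the browser refuses.
function partitionHeaders(headers) {
  const sent = {};
  const refused = [];
  for (const [name, value] of Object.entries(headers)) {
    if (isForbiddenHeaderName(name)) {
      refused.push(`Refused to set unsafe header "${name}"`);
    } else {
      sent[name] = value;
    }
  }
  return { sent, refused };
}

// Constructed sample: the header from the question plus two others.
const sample = partitionHeaders({
  'origin': 'https://www.somewebsite.com',
  'X-Requested-With': 'XMLHttpRequest',
  'Sec-Fetch-Site': 'same-origin',
});
console.log(sample.refused);
console.log(sample.sent);
```

Because scripts cannot set Origin, a server can rely on it to tell which origin initiated a browser request, which is why the extension's request arrives with its own chrome-extension:// origin.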