cross-origin-read-blocking

How to make a cross-origin request in a content script (currently blocked by CORB despite the correct CORS headers)?

Based on the examples in “Changes to Cross-Origin Requests in Chrome Extension Content Scripts”, I replaced all invocations of fetch with a new method fetchResource, that has a similar API, but delegates the fetch call to the background page: // contentScript.js function fetchResource(input, init) { return new Promise((resolve, reject) => { chrome.runtime.sendMessage({input, init}, messageResponse => … Read more

Cross-origin request in a content script is blocked by CORB despite the correct CORS headers

Ajax call bug with Chrome new version 73.0.3683.75?

I had the same problem after upgrade to Chrome 73. Thanks to @wOxxOm This is the workaround until now: Go to chrome://flags Disabled the Enable network service UPDATE: This is not a bug, according to this announcement: https://www.chromium.org/Home/chromium-security/extension-content-script-fetches You will need to put the Cross-Origin Fetches to the background script instead of the content script.

Cross-Origin Read Blocking (CORB)

dataType:’jsonp’, You are making a JSONP request, but the server is responding with JSON. The browser is refusing to try to treat the JSON as JSONP because it would be a security risk. (If the browser did try to treat the JSON as JSONP then it would, at best, fail). See this question for more … Read more