sarah_leah
sarah_leah

Reputation: 125

How does Google Chrome's Advanced REST client make cross domain POST requests?

How does Google Chrome's ADVANCED REST CLIENT plugin make cross domain POST requests? I thought maybe something with CORS but I don't see "Access-Control-Allow-Origin" in any response. This is a link to the plugin:

https://chrome.google.com/webstore/detail/hgmloofddffdnphfgcellkdfbfbjeloo/related?hl=en-US

Upvotes: 9

Views: 4300

Answers (1)

UltraInstinct
UltraInstinct

Reputation: 44444

Short answer: Extensions are different from normal web pages. They can ask for extra permissions during the course of installation.

(slightly) Long answer: The main requirement of plugins/extensions is that they are able to access different domains. They can ask for extra permission during the installation (The user is typically warned that the extension can access data on those domains).

Take a look at the manifest.json file of the extension you are talking about. More specifically:

"permissions": [
    "<all_urls>", "cookies", "history"
  ]

Upvotes: 12

Related Questions