Access-Control-Allow-Origin icon indicating copy to clipboard operation
Access-Control-Allow-Origin copied to clipboard

Published 20 hours ago verified publisher icon vitvad

interferes with some websites

Open tarranjones opened this issue 9 years ago • 7 comments

I've had a couple of issues when "Access-Control-Expose-Headers" is enabled and were immediately fixed when disabled.

tarranjones avatar Feb 03 '16 21:02 tarranjones

attempting to login to github

tarranjones avatar Feb 03 '16 21:02 tarranjones

Playing videos on youtube

tarranjones avatar Feb 03 '16 21:02 tarranjones

That's why I suggest to be able to disable or enable it based on domain, just like how Ad blockers behave.

aziz avatar Feb 05 '16 10:02 aziz

Cant you use localStorage to remember whether it was enabled or not. Every now and then i use chrome and its enabled again. not sure why?

tarranjones avatar Feb 05 '16 16:02 tarranjones

@aziz sounds great! You literally cannot use the chrome when having CORS, we definitely needs white list domain based to turn on CORS.

yaring avatar Jun 08 '16 15:06 yaring

The problem with websites is that extension thrashes rest of headers(reasons are not clear to me). Lines in background.js:

return {requestHeaders: details.requestHeaders}; ... return {responseHeaders: details.responseHeaders}; should be simply return requestHeaders; & return responseHeaders; (I checked Youtube after this modification and it worked). @vitvad is there any reason for this?

ondratra avatar Aug 27 '16 12:08 ondratra

Nevermind my previous comment. It actually breaks the mechanism and "working Youtube" is probably just side effect.

ondratra avatar Aug 27 '16 13:08 ondratra