Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cross-Origin Read Blocking (CORB) blocked cross-origin response #36

Closed
bumaociyuan opened this issue May 7, 2019 · 4 comments
Closed

Cross-Origin Read Blocking (CORB) blocked cross-origin response #36

bumaociyuan opened this issue May 7, 2019 · 4 comments
Labels
in-progress Feature or bug is being worked on or fixed

Comments

@bumaociyuan
Copy link

bumaociyuan commented May 7, 2019
edited
Loading 

GM_xmlhttpRequest({
  method: 'GET',
  url:'https://somedomain.com',
  onload: function(responseDetails) {
})

The script works well before chrome 72

On latest chrome get error as follow

crmapi.js:5 Cross-Origin Read Blocking (CORB) blocked cross-origin response https://somedomain.com/ with MIME type text/html. See https://www.chromestatus.com/feature/5629709824032768 for more details.
@bumaociyuan
Copy link
Author

https://www.chromium.org/Home/chromium-security/extension-content-script-fetches

@SanderRonde
Copy link
Owner

Thanks for the issue, this does indeed seem to be a pretty big problem since it blocks all possibilities for creating XHRs. I think it would be best if I created a new method on the CRM API that would make the request through the background page. The GM_xmlhttpRequest function is more of a polyfill for tamper/greasemonkey scripts so it should mimic its implementation as much as possible.

I'll be posting details about the new method when I've implemented it so you can use it right away when the new version is released.

@SanderRonde SanderRonde added the in-progress Feature or bug is being worked on or fixed label May 7, 2019
@bumaociyuan
Copy link
Author

bumaociyuan commented May 7, 2019
edited
Loading

@SanderRonde Thank you for reply

By the way. I found a solution for this issue https://qiita.com/nulltypo/items/4e5c494971955c767531.

@SanderRonde
Copy link
Owner

I've added the crmAPI.fetch(url) and crmAPI.fetchBackground(url) functions. The first done does basically the same as window.fetch while the second one avoids the CORB problem by doing the fetch through the backgroundpage. They should be available in the next update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
in-progress Feature or bug is being worked on or fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bumaociyuan @SanderRonde