Since v38, Chrome extension cannot load from HTTP URLs anymore, workaround? -
the users of our website run our chrome plugin which, amongst other things, performs cross-origin requests via xmlhttprequest described on chrome extension development pages. has been running fine few years now. however, ever since our users upgraded latest version of chrome (v38), these requests have failed. our site runs on https , of urls loaded via our content script on http. message is:
[blocked] page @ 'https://www.ourpage.com/' loaded on https, ran insecure content 'http://www.externalpage.com': content should loaded on https.
the reported line error occurred in content script i'm issuing http call:
xhr.send(null);
i have no control on external page , rather not remove ssl our own page. question: bug or there workaround not aware of?
(note: permissions in manifest set <all_urls>
had worked long time. setting http://*/
, https://*/
did not help.)
if possible, use https version of external page.
if not possible, use background page handle ajax request (example).
Comments
Post a Comment