jo5ef / force-cors Goto Github PK
View Code? Open in Web Editor NEWA Firefox Extension to add CORS headers to responses.
Home Page: http://www-jo.se/f.pfleger/forcecors
A Firefox Extension to add CORS headers to responses.
Home Page: http://www-jo.se/f.pfleger/forcecors
FirefoxDeveloperEdition is blocking the installation, even after I added the site to the allowed sites exception list. This is probably a sign of things to come for mainline FX, I would strongly encourage you to get those fixes made and resubmit ASAP.
Thanks!
Just like AdBlock, it would be good to be able to force cors just on some website.
It's not an issue but a tip...
I tried to access to a resource using this addon. It worked for different websites, but not for the only one I wanted to get. Actually it's because I needed to use the credentials option. But then it didn't work again as Firefox returned "cross domain not allowed".
Finally I've changed the forcecors.headers value in about:config to:
Access-Control-Allow-Methods *|Access-Control-Allow-Credentials true|Access-Control-Allow-Origin http://intranet.mydomain.com
Note: I've had to specify my Allow-Origin domain to make it work and also to add the Allow-Credentials to true
And the jQuery Ajax request looks like that:
$.ajax({
method: 'GET',
url: 'https://myothersite.mydomain.com/mypage.aspx',
xhrFields: {
withCredentials: true
}
}).done(function(data) {
console.log(data)
})
This is obviously a great plugin for any JavaScript developer but as mentioned in the warning it disable cross-domain completely. One way that would make developers more confident and help reduce the risks would be to only apply such headers on requests matching a pattern in a list of URL. This would allow a developer to add the URL patterns used for development purpose.
I might be able to help on this if this is something you think is a good idea.
Cors icon is at the bottom/right of the browser window and is enabled - but cross domain ajax calls don't work.
Is it possible to port it to Firefox Mobile for Android ?
Hello,
I noticed that I could not see the ForceCORS headers on responses for AJAX requests (checked this from Webdeveloper Console).
Just want to confirm that it is expected behaviour.
Thanks
Hi! I've used this plugin over long time, until an update of Firefox recently (29.0.0/1).
Firebug now complains (Even if CORS is turned on):
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at {http://path.to/my.json}. This can be fixed by moving the resource to the same domain or enabling CORS.
As of this change in FFNightly, the Force-CORS button is not visible.
https://bugzilla.mozilla.org/show_bug.cgi?id=749804
Here is a discussion of affected people.
http://support.mozilla.org/en-US/questions/978015
Can you write a quick fix?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.