extension modifies request origin schema from HTTP to HTTPS
See original GitHub issueExtension enforces in a implicit way the server to switch CORS schema from HTTP to HTTP in the access-control-allow-origin
header resulting in behavior below.
The 'Access-Control-Allow-Origin' header has a value 'https://localhost:3000' that is not equal to the supplied origin. Origin 'http://localhost:3000' is therefore not allowed access.
chrome: chrome/69.0.3497.100 ext. version: 2018.9.28
In devtools network tab there are origin and referer displayed correctly with HTTP - see screenshot (RIGHT is extension enabled, LEFT extension disabled)
Issue Analytics
- State:
- Created 5 years ago
- Reactions:7
- Comments:8 (1 by maintainers)
Top Results From Across the Web
Origin - HTTP - MDN Web Docs
The Origin request header indicates the origin (scheme, hostname, and port) that caused the request. For example, if a user agent needs to ......
Read more >chrome.declarativeNetRequest - Chrome Developers
The chrome.declarativeNetRequest API is used to block or modify network requests by specifying declarative rules. This lets extensions modify network requests ...
Read more >Cross origin requests are only supported for protocol schemes
Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https. javascript · xml · google-chrome ...
Read more >How to stop an automatic redirect from “http://” to “https://” in ...
Specifically, when using Chrome http://example.com is now redirecting to https://example.com (naked domain), which is not valid/supported. http://example.com ...
Read more >Add custom data to resources using extensions - Microsoft Learn
To read the schema extension properties on a resource instance, specify the extension name in a $select request. Request. HTTP; C#; JavaScript ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Hey everyone, so sorry about this! We’re working on a fix now that will go out in our next release. In the meantime, as @davidbeermann said you should be able to temporarily resolve this by adding localhost to your whitelist. You can do this by either navigating to the extension settings page and adding ‘localhost’ to the whitelist, or by toggling the Site Privacy Protection switch in the extension pop up.
Thank you for your patience, we’ll have this resolved just as soon as we can.
I also ran into this issue. I was able to resolve it by toggling the Site Privacy Protection checkbox in the extension window. This added
localhost
to the whitelist. What is a little confusing though is, that once you add a host to the whitelist, the whole extension window is disabled. In order to remove the host from the whitelist, you have to go through the extension management to get to the extension settings – at least in Chrome.