Skip to content

Omit credentials when fetching sideloaded bundles

Warren Gifford requested to merge sideloaded-ext-omit-credentials into master

Created by: lguychard

Without this, attempting to fetch a sideloaded extension bundle triggers a CORS error:

Access to fetch at 'http://localhost:1234/extension.js' from origin 'chrome-extension://bmfbcejdknlknpncfpeloejonjoledha' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

Merge request reports

Loading