| OLD | NEW |
|---|
| 1 <h1>Cross-Origin XMLHttpRequest</h1> | 1 <h1>Cross-Origin XMLHttpRequest</h1> |
| 2 | 2 |
| 3 | 3 |
| 4 <p id="classSummary"> | 4 <p id="classSummary"> |
| 5 Regular web pages can use the | 5 Regular web pages can use the |
| 6 <a href="http://www.w3.org/TR/XMLHttpRequest/">XMLHttpRequest</a> | 6 <a href="http://www.w3.org/TR/XMLHttpRequest/">XMLHttpRequest</a> |
| 7 object to send and receive data from remote servers, | 7 object to send and receive data from remote servers, |
| 8 but they're limited by the | 8 but they're limited by the |
| 9 <a href="http://en.wikipedia.org/wiki/Same_origin_policy">same origin policy</a>
. | 9 <a href="http://en.wikipedia.org/wiki/Same_origin_policy">same origin policy</a>
. |
| 10 Extensions aren't so limited. | 10 Extensions aren't so limited. |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 | 28 |
| 29 <p>If the extension attempts to use a security origin other than itself, | 29 <p>If the extension attempts to use a security origin other than itself, |
| 30 say http://www.google.com, | 30 say http://www.google.com, |
| 31 the browser disallows it | 31 the browser disallows it |
| 32 unless the extension has requested the appropriate cross-origin permissions. | 32 unless the extension has requested the appropriate cross-origin permissions. |
| 33 </p> | 33 </p> |
| 34 | 34 |
| 35 <h2 id="requesting-permission">Requesting cross-origin permissions</h2> | 35 <h2 id="requesting-permission">Requesting cross-origin permissions</h2> |
| 36 | 36 |
| 37 <p>By adding hosts or host match patterns (or both) to the | 37 <p>By adding hosts or host match patterns (or both) to the |
| 38 <a href="manifest.html#permissions">permissions</a> section of the | 38 <a href="declare_permissions.html">permissions</a> section of the |
| 39 <a href="manifest.html">manifest</a> file, the extension can request access to | 39 <a href="manifest.html">manifest</a> file, the extension can request access to |
| 40 remote servers outside of its origin.</p> | 40 remote servers outside of its origin.</p> |
| 41 | 41 |
| 42 <pre>{ | 42 <pre>{ |
| 43 "name": "My extension", | 43 "name": "My extension", |
| 44 ... | 44 ... |
| 45 <b>"permissions": [ | 45 <b>"permissions": [ |
| 46 "http://www.google.com/" | 46 "http://www.google.com/" |
| 47 ]</b>, | 47 ]</b>, |
| 48 ... | 48 ... |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 153 | 153 |
| 154 <p> | 154 <p> |
| 155 If you modify the default <a href="contentSecurityPolicy.html">Content | 155 If you modify the default <a href="contentSecurityPolicy.html">Content |
| 156 Security Policy</a> for apps or extensions by adding a | 156 Security Policy</a> for apps or extensions by adding a |
| 157 <code>content_security_policy</code> attribute to your manifest, you'll need to | 157 <code>content_security_policy</code> attribute to your manifest, you'll need to |
| 158 ensure that any hosts to which you'd like to connect are allowed. While the | 158 ensure that any hosts to which you'd like to connect are allowed. While the |
| 159 default policy doesn't restrict connections to hosts, be careful when explicitly | 159 default policy doesn't restrict connections to hosts, be careful when explicitly |
| 160 adding either the <code>connect-src</code> or <code>default-src</code> | 160 adding either the <code>connect-src</code> or <code>default-src</code> |
| 161 directives. | 161 directives. |
| 162 </p> | 162 </p> |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12223068:
Fix some typos, broken links and other issues in extension docs (Closed)
Base URL: http://src.chromium.org/svn/trunk/src/