跨域XMLHtt prequest不工作​​在Chrome封装应用尽管拥有权限的网址权限、网址、工作、XMLHtt

由网友(情比薄纸)分享简介:我有一个类似的问题对SO,"XMLHtt$p$pquest不工作的谷歌浏览器打包的Web应用程序。但是,所选择的答案是不是为我工作。我有我试图请求列入清单的权限的URL。我有一种感觉,这有做跨站点脚本prevention,正如我在跨域XMLHtt $阅读p $ pquest 和嵌入内容文档的浏览器。I'm havin...

我有一个类似的问题对SO,"XMLHtt$p$pquest不工作的谷歌浏览器打包的Web应用程序。但是,所选择的答案是不是为我工作。我有我试图请求列入清单的权限的URL。我有一种感觉,这有做跨站点脚本prevention,正如我在跨域XMLHtt $阅读p $ pquest 和嵌入内容文档的浏览器。

I'm having a similar issue to this other question on SO, "XMLHttpRequest not working in Google Chrome Packaged Web App". However, the selected answer is not working for me. I do have the url that I'm trying to request listed in the manifest permissions. I have a feeling this has to do with cross-site-scripting prevention, as I read about in the Cross-Origin XMLHttpRequest and Embed Content docs for Chrome.

当我检查响应,一切都空了,状态没有 code,没有响应,没有状态文本,就像试图让跨域请求在XSS时,在此等问题看到发生了什么,:的从XMLHtt prequest 空responseText的。

When I inspect the response, everything's empty, no status code, no response, no statusText, just like what happens when trying to make a request across domains as in XSS, as seen in this SO question: Empty responseText from XMLHttpRequest.


    "manifest_version" : 2,
    "name": "{name}",
    "description" : "{description}",
    "version" : "0.1",
    "minimum_chrome_version": "23",

    "permissions": [

    "app": {
        "background": {
          "scripts": ["models.js", "background.js"]

    "icons": { "16": "icon-16.png", "128": "icon-128.png" }


I'm using this function to do the requests:

function xhr(url, callback){
    var timeout= 2000;
    var xhr = new window.XMLHttpRequest();
    xhr.ontimeout = function () {
        console.error("The request for " + url + " timed out.");
    xhr.onerror = function(){
        console.error("error: "+xhr.statusText);
    xhr.onload = function() {
        if (xhr.readyState === 4) {
            if (xhr.status === 200) {
                window.console.log("response: "+xhr.response);
            } else {
    xhr.open("GET", url, true);
    xhr.timeout = timeout;


The url I'm trying to request is fairly basic with some query string parameters tacked on the end and looks like this:



Which, when loaded in the browser, returns simple and valid JSON:

    "ret" : [

        { "date": 1380603600000, "foo": bar1 }, 
        { "date": 1380776400000, "foo": bar2 }


The function I'm using to test in the developer console is this:

xhr('https://prefix.domain.suffix/sub/serve.aspx?param1=val1&param2=val2', function(e){ console.log(e); });

所有这一切都打印到控制台错误: XHR 在那一刻是:

XMLHtt prequest {状态文本:,状态:0,回应:,responseType:,responseXML的:空...}


One other thing which may need to be considered is that this url I'm requesting is behind authentication on my server. I'm logged in and am able to access the page, regardless of which tab I'm using, so I don't think that's the problem, but it still might be.



Apps don't share your browser's cookie store. They're like native apps in that respect. So your last paragraph is likely the issue. Change to a server that doesn't require authentication as a test to confirm it. Then investigate chrome.identity.


