This tutorial is based on Chrome Extension Manifest Version 2.
Let’s begin…
Our manifest file…
To get past CORS on certain domains, simply add those domains to you permission property.
You must be exact in your domain listing.
For example, if you add a permission for the domain “https://www.yahoo.com" and make a fetch call inside your Chrome Extension to that domain…
…you will be blocked depending on how that domain decides to treat your request. Yahoo redirects me to the URL “https://ca.yahoo.com/?p=us", and because I didn’t include that domain in permissions, I get blocked.
So if I add “https://ca.yahoo.com/?p=us" to my manifest…
…then make the fetch call…
…I successfully complete a fetch request to the domain.