0

I am creating a Chrome-extension and I want to inject a Javascript file in DOM from content.js file , But after injecting JS file I am getting Cross-Origin Read Blocking (CORB) blocked cross-origin response https://raw.githubusercontent.com/avinashiitb/bookmark-preview/main/injectScript.js

The idea behind to inject injectScript.js is to write a custom event in DOM and pass that event to content.js script

Manifest.Json

{
   "manifest_version": 2,
   "name": "Preview & Bookmark",
   "author": "Aviansh",
   "version": "0.001",
   "content_scripts": [
       {
           "matches": ["*://*/*"],
           "js": [
               "content.js"
           ],
           "css": [
               "style.css"
           ]
       }
   ],
   "background": {
       "scripts": [
           "background.js"
       ]
   },
   "web_accessible_resources": [
       "inject-script.js"
   ],
   "browser_action": {},
   "permissions": [
       "storage",
       "*://*/*"  
   ]
}

Content.js

function injectScript(file_path, tag) {
    var node = document.getElementsByTagName(tag)[0];
    var script = document.createElement('script');
    script.setAttribute('type', 'text/javascript');
    script.setAttribute('src', file_path);
    node.appendChild(script);
}

injectScript("https://raw.githubusercontent.com/avinashiitb/bookmark-preview/main/injectScript.js", 'body');

injectScript.js

alert("Hi");
sideshowbarker
  • 72,859
  • 23
  • 167
  • 174
Avinash Anshu
  • 89
  • 6

1 Answers1

0
  1. Download the script from the remote URL into your extension directory.
  2. Rename it to inject-script.js
  3. Run it as shown in method 1 here:
var s = document.createElement('script');
s.src = chrome.runtime.getURL('inject-script.js');
s.onload = function() {
    this.remove();
};
(document.head || document.documentElement).appendChild(s);
wOxxOm
  • 53,493
  • 8
  • 111
  • 119