Cross origin AJAX call in Safari extension injected script

Question

I'm trying to figure out right configuration for cross origin AJAX call in Safari extension injected script.

My configuration in Extension Builder:

• Extension Website Access: All
• Include Secure Pages: true
• Whitelist: -
• Blacklist: -

My goal is to get something like Chromes "permissions": "http://mysite.com/*", and be able to pull user configuration from web service.

note: JSONP drops warning, so I would prefer to avoid it.

Answer 1

Any luck with this? I'm having the same problems. Same setup works fine in the Chrome extension, but hitting Access-Contol-Allow-Origin when trying to do it in Safari Extension.

FIXED - UPDATE: Hey, I figured out what the problem is. So, it looks like you need to do the cross-domain ajax via the background page. What I end up doing is determining all the requests I need to make in the injected script, then message pass the requests to the background page. The background page listens for messages from the injected script, makes the appropriate ajax calls, and then sends the results via a message to the injected script. The injected script is then listening for messages from the background page, once it gets the message(s) with the ajax results, it takes the appropriate action in the page that's being viewed.