google-chrome-extension

CORS Chrome Extension with manifest version 2


Is it possible to use CORS when writing a Google Chrome extension?

I saw this, http://developer.chrome.com/extensions/contentSecurityPolicy.html

And I tried inserting this into the manifest, "content_security_policy": "script-src 'self' https://twitter.com/; object-src 'self'",

but an Ajax request fails with: XMLHttpRequest cannot load https://twitter.com/. Origin chrome-extension://olimhkjfpndfhdopbneamnekfalckinc is not allowed by Access-Control-Allow-Origin.


Solution

  • To enable cross-origin Ajax from your extension to Twitter, you simply need to list Twitter as a host permission in your manifest:

    ...
    "permissions": [
        "*://*.twitter.com/*"
    ],
    ...
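
To see which request URLs the host permission in the answer above covers, here is an added example (not part of the original answer) that implements a simplified version of Chrome's match-pattern rules for http/https. The names `matchesPattern` and `isRequestAllowed` and both sample manifests are constructed for illustration; the narrower `https://twitter.com/*` pattern is a hypothetical least-privilege alternative.

```javascript
// Added example: a simplified matcher for Chrome extension match patterns.
// Covers http/https patterns only; file:// and <all_urls> are left out.

// Parse "<scheme>://<host><path>" into its three parts, or return null.
function parsePattern(pattern) {
  const m = /^(\*|https?):\/\/(\*|(?:\*\.)?[^\/*]+)(\/.*)$/.exec(pattern);
  return m ? { scheme: m[1], host: m[2], path: m[3] } : null;
}

// Turn a path glob into an anchored RegExp: "*" matches any run of characters.
function pathRegExp(glob) {
  const escaped = glob.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*") + "$");
}

function matchesPattern(pattern, url) {
  const p = parsePattern(pattern);
  if (!p) return false; // API permissions such as "tabs" are not host patterns
  const u = new URL(url);
  const scheme = u.protocol.slice(0, -1);
  // A "*" scheme covers http and https only.
  if (scheme !== "http" && scheme !== "https") return false;
  if (p.scheme !== "*" && p.scheme !== scheme) return false;
  if (p.host !== "*") {
    if (p.host.startsWith("*.")) {
      // "*.twitter.com" covers twitter.com itself and every subdomain.
      const base = p.host.slice(2);
      if (u.hostname !== base && !u.hostname.endsWith("." + base)) return false;
    } else if (u.hostname !== p.host) {
      return false;
    }
  }
  return pathRegExp(p.path).test(u.pathname + u.search);
}

// True if any host permission in the manifest covers the request URL.
function isRequestAllowed(manifest, url) {
  return (manifest.permissions || []).some((perm) => matchesPattern(perm, url));
}

// Constructed manifests: the answer's pattern and a hypothetical narrower one.
const broadManifest = { manifest_version: 2, permissions: ["*://*.twitter.com/*"] };
const narrowManifest = { manifest_version: 2, permissions: ["https://twitter.com/*"] };
```

The answer's pattern covers both http and https and every subdomain of twitter.com, while the narrower pattern limits the extension to `https://twitter.com` only.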