CORS Control in JetBrains Chrome Extension

XMLHttpRequest cannot load http://youtrack.jetbrains.com/rest/user/login. Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin.

Are you tired to fight it? Don’t want to wait until the system administrators configure the server properly? Don’t want to waste your time setting up a proxy server?

Forget about it.  JetBrains IDE Support (Google Chrome extension) allows you to avoid such errors in one simple step since version 0.9.2. Just open the extension options and add the URL of the resource to “Force CORS” list.

  1. Open chrome://extensions/
  2. Scroll down to JetBrains IDE Support section, click Options

Or

  1. Right click on JetBrains IDE Support browser icon, select Options

You can add a pattern http://*/*, but it is not recommended for security reasons (performance impact is very minimal in any case).

The setting will be active all the time, not only when the JavaScript debugger or LiveEdit is connected to Chrome.

This entry was posted in Cool Feature. Bookmark the permalink.

21 Responses to CORS Control in JetBrains Chrome Extension

  1. Strajk says:

    It’s useful, but IMHO would be more appropriate to create another extension for this… It has nothing to do with JetBrains IDE Support

    > Write programs that do one thing and do it well.

  2. Will says:

    If you ever end up with this error, The ‘Access-Control-Allow-Origin’ header contains multiple values, disable to plug-in to see if you are accidentally shooting yourself in the foot.

  3. Daniel says:

    This is very helpful. I was looking for the past 2 hours how to add cross domain headers and this is a good temporary solution. Thanks

  4. Shantanu says:

    Thanks a lot!! saved my day !!

  5. Trisha Bonnette says:

    Why did this become an issue in the new Webstorm version. It seems I never had this problem before and nothing fixes it except maybe using a node or other server which would be crap.

    • Ekaterina Prigara says:

      Hello Trisha,
      can you please provide a bit more details on the issue you’re having?
      What WebStorm version do you use? Do you see this specific error about “Access-Control-Allow-Origin”?

  6. Trisha Bonnette says:

    Its useless and rather frustrating… tried all combinations

  7. Maximilian Berkmann says:

    Not helpful at all on Chrome and there’s no extensions like that for Opera.

    • lena_spb says:

      Please can you elaborate on this? what problems using CORs with Chrome have you faced? What Webstorm version do you use?

  8. koen cornelis says:

    Why not allow the webstorm user to set headers he/she needs?

    • Ekaterina Prigara says:

      The built-in server that we have in the IDE is very simple and it mostly targets only one use case – previewing the HTML pages and very simple apps with zero configuration. At the moment we don’t have any plans to make it more customizable.

  9. Bob Ray says:

    “No ‘Access-Control-Allow-Origin’

    I had this trouble with an Ajax request in a test file I was using. It happened because the “View in Browser” function in PhpStorm used a different port than the default port.

    I found two solutions:

    1. View in Browser and note the port number. Add that port number to the URL for the Ajax request.

    2. View the test file in your browser, outside of PhpStorm.

  10. Ajit says:

    Extention stopped working after I upgraded my chrome browser.
    Under Options->”whitespace- or comma-separated”, “Apply” buttons does not save patterns. Seems to be broken.

    • Ekaterina Prigara says:

      Hello, we haven’t need actively maintaining the JetBrains IDE Support Chrome extension because it is no longer required for debugging apps with WebStorm in Chrome and we are considering deprecating it completely.
      Can you please let us know how do you use the extension? Do you debug apps from WebStorm? Do you use the IDE’s built-in server? Thanks!

      • Ajit says:

        Thanks for the reply. we are using IDE’s built-in Server along with javascript debugger. We need to set “Access-Control-Allow-Origin” header some http patterns. Jetbrain Chrome extension was working before I upgraded my browser. We do not want to use chrome’s javascript debugger. Please do let us know any other option to work this around.

        Thanks

        • Ekaterina Prigara says:

          Sorry for the delayed reply. After some investigation, we have found out that This is A result of the new Chrome’s security policy that disallows Cross-Origin Requests in the extensions: https://www.chromium.org/Home/chromium-security/extension-content-script-fetches
          We have a feature request about allowing to configure a Access-Control-Allow-Origin header in the WebStorm’s built-in web server: https://youtrack.jetbrains.com/issue/WEB-34525 Please vote for it and follow it for the updates.
          As a workaround, you can disable security in the browser by passing a --disable-web-security flag to it.
          WebStorm by default starts debugging your apps in a new instance of Chrome without using an additional extension, so you can pass the flag only to that new instance: go to the IDE Preferences | Tools | Web Browsers – select on Chrome and then click on the Edit icon; add –disable-web-security to the Command Line Options field.
          If you have previously enabled the option Use Chrome Extension in Preferences | Build, Execution, Deployment | Debugger | Live Edit, please disable it.
          Hope it helps!

  11. Ajit says:

    Chrome version that I am using is Version 76.0.3809.87 (Official Build) (64-bit)

  12. Ajit says:

    Thanks for the reply. we are using IDE’s built-in Server along with javascript debugger. We need to set “Access-Control-Allow-Origin” header some http patterns. Jetbrain Chrome extension was working before I upgraded my browser. We do not want to use chrome’s javascript debugger. Please do let us know any other option to work this around.

    Thanks

  13. Dennis Megarry says:

    Guess I am not the only one! Been struggling with this all day and I see JetBrains has not responded.. ugh

    Happy “No Work” Friday people!

    • Ekaterina Prigara says:

      I’m sorry that I haven’t replied promptly. In the future, if you have problems with the product, please contact product technical support or file a new issue on our tracker – I try my best to help users in the blog comment, but it’s not the main support channel. Thanks for understanding!

    • Ekaterina Prigara says:

      After some investigation, we have found out that This is A result of the new Chrome’s security policy that disallows Cross-Origin Requests in the extensions: https://www.chromium.org/Home/chromium-security/extension-content-script-fetches
      We have a feature request about allowing to configure a Access-Control-Allow-Origin header in the WebStorm’s built-in web server: https://youtrack.jetbrains.com/issue/WEB-34525 Please vote for it and follow it for the updates.
      As a workaround, you can disable security in the browser by passing a --disable-web-security flag to it.
      WebStorm by default starts debugging your apps in a new instance of Chrome without using an additional extension, so you can pass the flag only to that new instance: go to the IDE Preferences | Tools | Web Browsers – select on Chrome and then click on the Edit icon; add –disable-web-security to the Command Line Options field.
      If you have previously enabled the option Use Chrome Extension in Preferences | Build, Execution, Deployment | Debugger | Live Edit, please disable it.
      Hope it helps!

Leave a Reply

Your email address will not be published. Required fields are marked *