Load AJAX from within a Chrome extension

I tried several methods to achieve this, including adding permissions.
Here is my Manifest.json:

    {
  "manifest_version": 2,
  "name": "name",
  "version": "0.8",
  "permissions": [
  "http://example.com/",
  "https://example.com/"
],
   "content_scripts": [
    {
      "matches": [
        ""
      ],
      "js": ["jquery.min.js", "content.js"],
      "run_at": "document_end"
    }
  ],
  "background": {

    "page": "background.html"
  },
  "browser_action": {
    "default_icon": "icon.png",
     "default_popup" : "Popup.html"
  },
  "permissions": [
    "tabs"
],
"content_security_policy": "script-src 'self' https://ssl.google-analytics.com; object-src 'self'"
}

popup.js:

// Copyright (c) 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

/**
 * Get the current URL.
 *
 * @param {function(string)} callback - called when the URL of the current tab
 *   is found.
 */
function getCurrentTabUrl(callback) {
  // Query filter to be passed to chrome.tabs.query - see
  // https://developer.chrome.com/extensions/tabs#method-query
  var queryInfo = {
    active: true,
    currentWindow: true
  };

  chrome.tabs.query(queryInfo, function(tabs) {
    // chrome.tabs.query invokes the callback with a list of tabs that match the
    // query. When the popup is opened, there is certainly a window and at least
    // one tab, so we can safely assume that |tabs| is a non-empty array.
    // A window can only have one active tab at a time, so the array consists of
    // exactly one tab.
     tab = tabs[0];

    // A tab is a plain object that provides information about the tab.
    // See https://developer.chrome.com/extensions/tabs#type-Tab
     url = tab.url;
     fixedURL = url;
     fixedURL = url.substring(1);



    // Open the page up.

    // tab.url is only available if the "activeTab" permission is declared.
    // If you want to see the URL of other tabs (e.g. after removing active:true
    // from |queryInfo|), then the "tabs" permission is required to see their
    // "url" properties.
    //console.assert(typeof url == 'string', 'tab.url should be a string');

    callback(url);
  });

  // Most methods of the Chrome extension APIs are asynchronous. This means that
  // you CANNOT do something like this:
  //
  // var url;
  // chrome.tabs.query(queryInfo, function(tabs) {
  //   url = tabs[0].url;
  // });
  // alert(url); // Shows "undefined", because chrome.tabs.query is async.
}

/**
 * @param {string} searchTerm - Search term for Google Image search.
 * @param {function(string,number,number)} callback - Called when an image has
 *   been found. The callback gets the URL, width and height of the image.
 * @param {function(string)} errorCallback - Called when the image is not found.
 *   The callback gets a string that describes the failure reason.
 */

function loadXMLDoc()
{
var xmlhttp;
if (window.XMLHttpRequest)
  {// code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
  }
else
  {// code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  }
xmlhttp.onreadystatechange=function()
  {
  if (xmlhttp.readyState==4 && xmlhttp.status==200)
    {
    document.getElementById("main").innerHTML=xmlhttp.responseText;
    }
  }
xmlhttp.open("GET","http://localhost:8000/extension/?url="+fixedURL,true);
xmlhttp.send();
}


document.addEventListener('DOMContentLoaded', function() {
  getCurrentTabUrl(function(url) {

loadXMLDoc();




//console.log(url);


    }, function(errorMessage) {

    });
  });

The relevant part of the answer we get after clicking the extension:

  $(document).ready(function(){
    $("#scannedinfo").click(function(event){
      event.preventDefault();
      email = $('#scannedinfo-email').val();
      emailval = validateEmail(email);
      if(emailval != false){
        $('.scannedinfo-error').text('');
        $.get("https://example.com/ajaxpage",
        {
          email: $('#scannedinfo-email').val(),
          message: $('textarea').val()
        },
        function(data,status){
          //do stuff
            }
        });
      } else{
        //do stuff
      }

    });
  });

When I open the url that I do the AJAX call to in a browser, it works fine. When I check in the extension nothing seems to happen. No errors or anything.
What could the issue be?
Any ideas?

Thanks in advance!

How to check if the current website in your browser is a phishing site by checking into the database of Phishtank using JSON and Ajax

I want to create a Google chrome extension that detects phishing sites by checking the site in the database of Phishtank. How do I go by the JavaScript codes using JSON and Ajax?

How to send ajax call in chrome extension?

I am a newbie and working on a google-chrome extension, that needs to make jquery ajax requests to a server, load some json objects,But ajax call not run successfully , please guide me, thanks in advance

Find source of ajax call to example.com/undefined

My WordPress installation has mysteriously begun to stop applying some layout fixes and I suspect that it has something to do with a mysterious GET request that I’m trying to hunt down:

enter image description here

I’m guessing that I’m assembling the url, mydomain.com/undefined with a variable that I fail to assign a value and is thus evaluated as “undefined”. My question is, where is this happening.

When I click the link to “undefined:1” on the right, it takes me to a list of images and displays the markup for my site’s 404 page:

enter image description here

How can I isolate the place on my site where the GET request is being made?

Chrome Extension Inject HTML on YouTube Page [duplicate]

This question already has an answer here:

I am creating a Chrome Extension that will inject HTML on top of the related videos bar of a YouTube video.

This is the desired effect of the plugin.

Here is the manifest.json:

{
  // Required
  "manifest_version": 2,

  // App
  "name": "...",
  "version": "...",
  "author": "...",
  "description": "...",

  "content_scripts": [
    {
      "run_at": "document_idle",
      "matches": ["*://www.youtube.com/watch?v=*"],
      "js": ["jquery-min-3.3.1.js", "inject.js"]
    }
  ]

}

And here is inject.js:

$(document).ready(function(){
  $('#related').prepend('

This was injected throught jQuery.

'); });

When the extension is loaded into Chrome and a YouTube video page is loaded, the script seems to work for a second. The h1 in injected at the top of the #related bar until related video thumbnails start to load. Then the injected h1 quickly is pushed to the bottom as each new thumbnail loads.

I’m guessing this has something to do with YouTube using AJAX to load content. Is there a way to wait until all AJAX has been loaded before injecting HTML?

Ajax on Chrome Extension Uninstall

I need to run an AJAX query to clean up my database when my Chrome extension is uninstalled. The chrome.management.onUninstalled function is for all installed extensions and I don’t want to create a solution that uses it because it requires a special permission.

How do I detect when only my extension is uninstalled.

Chrome.runtime.connect no longer identified?

I have an extension with a background page and a sandbox page where most of the content scripts execute.

Whenever I need to do an Ajax call it has to run in the background environment as otherwise I get a CORS error. Recently as of last week I believe, the chrome.runtime is no longer available in the sandbox environment for some reason. I can’t find any notes etc about it and trying to figure out a solution how to communicate with background page now.

I had this in the sandbox environment to initialize a connect port to pass messages from an Ajax request

var ajaxCall = chrome.runtime.connect({name: "ajaxCall"});

Is there any info out there that I’m missing on why this change occurred and what are some possible workarounds?

Here’s the output for chrome. 1st is the background page and 2nd is the sandbox. They used to be identical in both.

chrome.runtime

Injecting AJAX into website via Chrome Extension

I am using a chrome extension to inject an AJAX request into a website. However I keep randomly getting this error:

Refused to connect to ‘http://127.0.0.1:5005/‘ because it violates the
following Content Security Policy directive: “connect-src ‘self’
static.licdn.com media.licdn.com static-exp1.licdn.com
static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com
https://media-src.linkedin.com/media/ www.linkedin.com
s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com
s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com
wss://*.linkedin.com dms.licdn.com”.

It doesn’t happen all the time. Just some of the time. I am really confused. Is there a way around it?

Control p:fieldset collapse state from the bean

In an application based on jsf 2.1 and Primefaces 6.1.8, I have a fieldset that is collapsed when first opened.
(In some cases, it is not toggleable, but that is probably not relevant for my question, so let’s assume toggleable=true.)

I would like to know:

  • How to collapse the fieldset from my bean
  • How to find out the current state (is it collapsed, yes/no?)
  • General question: I can’t seem to
    find a comprehensive list of ajax events and their applicability to
    specific components in any Primefaces documentation (including the
    showcase). If anybody could post out a useful link, I would be most
    grateful!

I also tried to use jQuery and javascript commands in the console in Google Chrome Develper’s tools. It would be really useful to have some kind of IDE style code completion when working with the console. Is there anyway I could have this, for example by installing a Chrome extension? Or should I try out a different browser instead?

How can I retain the php session when using ajax in chrome extension?

I want to retain the session which is created in the php file
login.php

`session_start();
$connection = mysqli_connect("localhost", "janara5_janaravi", "VBAEJN%&aC5U"); // Establishing connection with server..
$db = mysqli_select_db($connection,"janara5_database1"); // Selecting Database.
$email=$_POST['email']; // Fetching Values from URL.
$password= sha1($_POST['password']); // Password Encryption, If you like you can also leave sha1.
// check if e-mail address syntax is valid or not
$email = filter_var($email, FILTER_SANITIZE_EMAIL); // sanitizing email(Remove unexpected symbol like <,>,?,#,!, etc.)
if (!filter_var($email, FILTER_VALIDATE_EMAIL)){
echo "Invalid Email.......";
}else{
// Matching user input email and password with stored email and password in database.
$result = mysqli_query($connection,"SELECT * FROM registration WHERE email='$email' AND password='$password'");
$data = mysqli_num_rows($result);
if($data==1){
    $info = mysqli_fetch_assoc($result);
    echo  json_encode($info);
$_SESSION['name'] = $info['name'];
$_SESSION['username'] = $info['email'];
}else{
    echo json_encode(["id"=>false]);
}
}
mysqli_close ($connection); // Connection Closed.`

when i go to other file which is called as url.php
session is not existing…

    if (session_status() == PHP_SESSION_NONE) {
    /*starting session and including database when the server comes to the page directly by ajax*/
            session_start();
    }
error_reporting(E_ALL);
ini_set("display_errors", 1);
if(isset($_SESSION['username'])){
$connection = mysqli_connect("localhost", "janara5_janaravi", "VBAEJN%&aC5U"); // Establishing connection with server..
$db = mysqli_select_db($connection,"janara5_database1"); // Selecting Database.
$url=$_POST['url']; // Fetching Values from URL.
mysqli_real_escape_string($connection,$url);
//$url='https://www.ted.com/talks/scott_galloway_how_amazon_apple_facebook_and_google_manipulate_our_emotions';
$result = mysqli_query($connection,"SELECT todo FROM url_todo WHERE url='$url'");
//$data = mysql_num_rows($result);
if(mysqli_num_rows($result))
{
    $row = mysqli_fetch_assoc($result);
    $todo = $row['todo'];   
    echo $todo;
}
else {
    echo "No TODOist exists";
}
mysqli_close ($connection); // Connection Closed.
}else{
    print_r($_SESSION);
    echo "user not logged in";
}

I heared it is because the session cookie sent to the server when the both the
domain are same !
can any one tell me how to send the session cookie which is set by the chrome extension and send it to the server..