How does Google Chrome's Advanced REST client make cross domain POST requests?

Question

How does Google Chrome\'s ADVANCED REST CLIENT plugin make cross domain POST requests? I thought maybe something with CORS but I don\'t see \"Access-Control-Allow-Origin\" i

Answer 1

Short answer: Extensions are different from normal web pages. They can ask for extra permissions during the course of installation.

(slightly) Long answer: The main requirement of plugins/extensions is that they are able to access different domains. They can ask for extra permission during the installation (The user is typically warned that the extension can access data on those domains).

Take a look at the manifest.json file of the extension you are talking about. More specifically:

"permissions": [
    "", "cookies", "history"
  ]