Electron v17, which has chromium v98
My BrowserWindow uses loadURL, and the web page loaded calls api from another host. I cannot modify the web. The web works fine in normal browser like chrome(version 98), though it requires a little cross origin settings for chrome to work.
How can I make electron to avoid the cors policy ?
Here are the methods I've tried. All together, not one by one.
- webSecurity: false
- app.commandLine.appendSwitch('disable-features', 'OutOfBlinkCors')
- app.commandLine.appendSwitch('disable-site-isolation-trials')
- onBeforeSendHeaders, requestHeaders, add "Origin", "Access-Control-Request-Method", "Access-Control-Request-Private-Network"
- onHeadersReceived, responseHeaders, add "Access-Control-Allow-Origin", "Access-Control-Allow-Private-Network"
Here is the error in the console of electron.
Access to XMLHttpRequest at 'http://xxxxxx.com' from origin 'http://yyyyyyy.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `private`.
Once I adding the code below, it shows another error
- app.commandLine.appendSwitch('disable-features', 'BlockInsecurePrivateNetworkRequests')
The error changes to
Access to XMLHttpRequest at 'http://xxxxxx.com' from origin 'http://yyyyyyy.com' has been blocked by CORS policy: Request had no target IP address space, yet the resource is in address space `private`.
