I'm trying to develop a basic Firefox Addon with the "new" WebExtensions system.
I'd like to
- Extract some text from a web page (not owned by me)
- evaluate it using a remote website
- post in the same page the result
The problem is how to make the web request with the addon (point 2). I found that I could use XMLHttpRequest, but as I imagined for security reasons I can't get access to remote paths.
That is because (I guess) the javascript code is run inside the page, even though I had thought that an addon would be... external.
Of course the result would be inside the page, but I assume the addon could work as a proxy to make this request. That said I have no idea how and what should I do.
I don't want to use some strange trick (like removing some security control), I'd like to do it the "right" way.
What I also don't understand is if the addons are bounded to run within the page they are made for.
EDIT: OK, turns out the chrome docs is actually better than the mozilla one. To actually use the XHR to cross-site req you have to put an additional line of code in your manifest.
{...
"permissions": [
"http://random.com/"
],
}..
I'm still not sure if this is the proper way to do what I aim to though.
