I am developing a Manifest V3 extension for our web app. I am running into a CORS issue trying to use host_permissions.
I have added our domain to host_permissions as
"host_permissions": ["https://mozilla.com/*"], (except using our domain instead of mozilla.com). When I try to make a
fetch request to our domain it is being blocked with the error
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [...] (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 302. The request is being made from a background script.
In Chrome I am able to make this request without CORS issues. The only difference is in Chrome I’m using a background service_worker instead of a background script.
Thanks for your help!