Chrome is modifying the CORS implementation to hide options requests

Time:2020-3-6

Within a few weeks from January 6, 2020, Google will gradually replace the CORS implementation in chrome. The new implementation is called “oor CORS” (out of renderer CORS). As the name suggests, Google wants to hide the details of CORS into the browser.

CORS releated detailed network transaction can not be observed via DevTools’ Network tab. You need to take a NetLog dump for further investigation. You can use netlogchk.html to analyze the obtained NetLog dump to see if there is CORS related error. NetLog Viewer is general purpose online tools to check details on the dump.

One of the changes is that Google will hide the CORS details related network traffic in the chrome devtools network panel, such as the options pre check request, which causes a lot of inconvenience to our CORS debugging.

Now to view the network traffic related to CORS details, we can grab the chrome internal network event log in chrome: / / net export / and open it in HTTPS: / / Netlog viewer. Appspot. In addition, we can also use Fiddler or Wireshark and other software to capture packages.

Original link https://www.chromium.org/home