From b475b121dda67fefbe3711e97d99ce44f34c1334 Mon Sep 17 00:00:00 2001
From: amartini <bortao@gmail.com>
Date: Tue, 2 Aug 2016 05:07:46 -0300
Subject: [PATCH] Allow CORS with Credentials

If you are using credentials, Access-Control-Allow-Origin can't be set to "*", it have to be set to exactly the requesting domain.
---
 background.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/background.js b/background.js
index 0120efe..1e0a495 100644
--- a/background.js
+++ b/background.js
@@ -31,7 +31,7 @@ var responseListener = function(details){
 	var flag = false,
 	rule = {
 			"name": "Access-Control-Allow-Origin",
-			"value": "*"
+			"value": details.originUrl
 		};
 
 	for (var i = 0; i < details.responseHeaders.length; ++i) {