Item logo image for NotebookLM Web Importer

NotebookLM Web Importer

4.2(

9 ratings

)
ExtensionTools9,000 users

4 support issues

  • All
  • Questions
  • Suggestions
  • Problems

Abhishek Paul

Feb 8, 2025

Not able to connect account to Notebook LM

When I inspected the popup , i found :

Understanding the Error

The core of the issue is that your Chrome extension (with ID ijdefdijdmghafocfmmdojfghnpelnfn) is trying to make a network request (specifically, a fetch request) to a different website, https://notebooklm.google.com/. The error message is telling you that the server at notebooklm.google.com is not configured to allow your extension to access its resources.

Here's a step-by-step explanation:

Cross-Origin Request: Your Chrome extension is running in the context of a unique "origin" (chrome-extension://ijdefdijdmghafocfmmdojfghnpelnfn). This is different from the origin of the resource you're trying to access (https://notebooklm.google.com). Browsers, for security reasons, treat requests between different origins with suspicion.
CORS Policy: The Same-Origin Policy is a security measure in web browsers. By default, it restricts how a document or script loaded from one origin can interact with resources from a different origin. CORS (Cross-Origin Resource Sharing) is a mechanism that allows servers to explicitly relax the same-origin policy and allow some cross-origin requests.
Missing Access-Control-Allow-Origin Header: The critical part of CORS is the Access-Control-Allow-Origin header. When a server wants to allow requests from other origins, it includes this header in its HTTP response. The value of the header specifies which origins are permitted.
Access-Control-Allow-Origin: * (allows all origins, generally not recommended for production).
Access-Control-Allow-Origin: https://example.com (allows only requests from https://example.com).
Access-Control-Allow-Origin: chrome-extension://ijdefdijdmghafocfmmdojfghnpelnfn (if notebooklm.google.com would like to allow specifically your extension to access its resources)
In your case, when the browser send the request to https://notebooklm.google.com/, the response from server does not contain that header. Because of that, browser considers that this request should not be allowed.
Browser Blocking: Because the response from notebooklm.google.com doesn't include the necessary Access-Control-Allow-Origin header, the browser concludes that the server doesn't want to allow cross-origin requests from your extension. So, the browser blocks the response from being delivered to your extension's code.
Opaque Response with no-cors Mode (The Suggestion): The error message's suggestion to use mode: 'no-cors' is a way to bypass CORS, but it comes with a huge caveat. If you use no-cors, the browser will make the request, but your extension will receive a severely limited, opaque response.
You won't be able to read the body of the response.
You'll only be able to see a few simple status codes.
Your extension will not be able to extract any data from it.
You will not be able to know if the request was successfull or not.
In most cases, no-cors is not a viable solution for getting meaningful data from a cross-origin resource. It's primarily used for "fire and forget" requests (e.g., sending analytics data where you don't care about the response).
Why notebooklm.google.com is Likely Blocking Your Extension

Security: Google (like most major websites) takes security very seriously. They don't want random extensions to be able to access their data without their explicit permission.
API Considerations: notebooklm.google.com is likely not intended to be a public API that anyone can call directly. They may have internal APIs for their own applications, but not for general use. If they want external application to communicate with them, they will create a public API that will need to be authenticated and will use CORS in a proper way.
Data Privacy: Allowing unrestricted access could leak sensitive data or create vulnerabilities.
What Can You Do?

Don't Try to Bypass CORS Unnecessarily: If the server isn't configured to allow your origin, trying to circumvent CORS is almost always a bad idea. You should not use no-cors unless you perfectly know what you are doing.
Official API:
Check if notebooklm has an official, documented API that you can use. If it has an API, it will provide you with a proper documentation and a way to authenticate to the service. This is the correct way to interact with a service.
Look for API keys, documentation, and the proper endpoints.
Contact notebooklm (if possible):
If there's no public API, and you believe there's a valid reason for your extension to access notebooklm (e.g., for research or collaboration), you can try to contact Google and ask about the possibility of them enabling access for your extension. However, they are under no obligation to do so.
Proxy Server (Last Resort):
If all else fails, you could set up a proxy server that you do control.
Your extension would send requests to your server.
Your server would then make the request to notebooklm.google.com on beha

Dan Summers

Jan 27, 2025

can you upload tabs simultaneously

thanks

Shannon Smith

Nov 23, 2024

Unable to log in to the extension

When I click "Login to NotebookLM" I'm taken to my NotebookLM homepage (logged in state), but the extension is still logged out. Have tried installing and uninstalling, but get the same results.

Bruce Thomson

Oct 12, 2024

Playlist issue

How can we strip playlist information so the the URL can be passed properly to NotebookLM?

Google apps