Ccna final exam - java, php, javascript, ios, cshap all in one. This is a collaboratively edited question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
Monday, June 11, 2012
Chrome: Disable same origin policy
Is there a way to disable the same origin policy on Google's Chrome browser? This is strictly for development, not production, use.
Close chrome (or chromium) and restart with the --disable-web-security argument. I just tested this and verified that I can access the contents of an iframe with src="http://google.com" embedded in a page served from "localhost" (tested under chromium 5 / ubuntu). For me the exact command was:
chromium-browser --disable-web-security
From the chromium source:
// Don't enforce the same-origin policy. (Used by people testing their sites.) const wchar_t kDisableWebSecurity[] = L"disable-web-security";
I use the URL rewriting features of Charles Proxy to map remote HTTP APIs to URLs that appear to point to my development server when I need to do that kind of thing.
Close chrome (or chromium) and restart with the --disable-web-security argument. I just tested this and verified that I can access the contents of an iframe with src="http://google.com" embedded in a page served from "localhost" (tested under chromium 5 / ubuntu). For me the exact command was:
ReplyDeletechromium-browser --disable-web-security
From the chromium source:
// Don't enforce the same-origin policy. (Used by people testing their sites.)
const wchar_t kDisableWebSecurity[] = L"disable-web-security";
Yep. For Mac, open Terminal and run:
ReplyDelete$ open -a Google\ Chrome --args --disable-web-security
Also if you're trying to access local files for dev purposes like AJAX or JSON, you can use this flag too.
-–allow-file-access-from-files
For PC go into the command prompt and go into the folder where Chrome.exe is and type
chrome.exe --disable-web-security
That should disable the same origin policy and allow you to access local files.
Probably not.
ReplyDeleteI use the URL rewriting features of Charles Proxy to map remote HTTP APIs to URLs that appear to point to my development server when I need to do that kind of thing.
For Selenium Webdriver, you can have selenium start Chrome with the appropriate arguments (or "switches") in this case.
ReplyDelete@driver = Selenium::WebDriver.for(:Chrome, {
:detach => false,
:switches => [“—disable-web-security”]
})
Answered in http://stackoverflow.com/questions/330427/can-i-disable-sop-same-origin-policy-on-any-browser-for-development.
ReplyDelete1st result for Google: disable same origin policy.