How to disable same origin policy in Chrome ?
This script is tested under Python3.6.
The browser will warn you that "you are using an unsupported command line" when it first opens, which you can ignore.
From the chromium source:
For OSX, open Terminal and run:
--user-data-dir required on Chrome 49+ on OSX For Linux run:
For Windows go into the command prompt and go into the folder where Chrome.exe is and type
For Windows, Create a Chrome shortcut on your desktop.
Right-click > properties > Shortcut
Edit "target" path :
- The --disable-web-security is no longer supported in recent chrome versions.
- Allow-Control-Allow-Origin: * - chrome extension partially solved the problem. It works only if your request is using GET method and there's no custom HTTP Header. Otherwise, chrome will send OPTIONS http request as pre-flight request. If the server doesn't support CORS, it will response with 404 HTTP status code. The plugin can't modify the response HTTP status code. So chrome will reject this request. There's no way for chrome plugin to modify the response HTTP status code based on current chrome extension API. You can't do a redirect as well for XHR initiated request.
- Not sure why Chrome makes developers life so difficult. It blocks all the possible ways to disable XSS security check even for development use which is totally un-necessary.
- To use corsproxy. We have two options:
- Use corsproxy.com
- Install corsproxy in local : npm install -g corsproxy
- Open the start menu
Ror open "Run"
Execute the following command: