Bypass Same-Origin Policy for Google Chrome


AJAX-Requests for local files are not working on Google Chrome.
XMLHttpRequest cannot load file:///Users/… . Origin null is not allowed by Access-Control-Allow-Origin
To bypass, either use a HTTP server or start Google Chrome with a command-line switch. Open the Terminal and type the command below:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --allow-file-access-from-files
If you receive a message like:
XMLHttpRequest cannot load ... Cross origin requests are only supported for HTTP.
Open the Terminal and type the command below:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security

As long as web security is disabled, it is not recommended to surf on public internet pages. In this mode your web browser is vulnerable for any kind of cross-site scripting.

For more information about Google Chrome command-line switches, take a look at Google Chrome command line switches.

0 Kommentare:

Post a Comment