16

I make AJAX calls to URIs which belong to a different domain. Normally in IE I am able to do this via jQuery's CORS support. But this fails in Google Chrome irrespective where CORS support is set or not.

Now I get an error saying something like:

XMLHttpRequest cannot load . Origin http://localhost:8000 is not allowed by Access-Control-Allow-Origin.

Is there a setting in Google Chrome which disables the Access-Control-Allow-Origin restriction?

Octavian Helm
  • 153
  • 6
deostroll
  • 1,795
  • 7
  • 24
  • 37
  • 1
    Do you have control over the remote web resource? You could add the Access-Control-Allow-Origin header there. – Jacob Krall Feb 01 '12 at 20:18

1 Answers1

18

There is a command-line switch which does the trick: --disable-web-security

Just call it like follows:

$ chromium-browser --disable-web-security http://localhost:8000/pages/index.html

Make sure the Chrome browser is fully closed, otherwise it will only launch a new instance and the applied option will not work.

dvtoever
  • 103
  • 3
deostroll
  • 1,795
  • 7
  • 24
  • 37
  • The `--disable-web-security` option doesn't seam to work on Google Chrome, only on Chromium though. – Octavian Helm Nov 20 '12 at 08:36
  • 1
    Tested today in Chrome, works fine. – munissor Nov 20 '12 at 17:14
  • 7
    `open -a Google\ Chrome --args --disable-web-security` executed in the mac terminal works fine for me. It has to be done when Chrome is not running though. – iolo Nov 21 '12 at 14:37
  • 2
    Tested on 14-12-2012 on Chrome. Works fine but shows a message saying "You are using an unsupported command-line flag: --disable-web-security. Stability and security will suffer" – Vivek Kodira Dec 14 '12 at 06:05
  • "Make sure the Chrome browser is fully closed" -- This was key for me. You should open task manager and make sure all the chrome.exe processes are gone. – Jonah Aug 13 '13 at 16:34
  • If you are using Mac try this one "open -a Google\ Chrome --args --disable-web-security" Without the quote – Hasanavi Feb 04 '14 at 15:38