Chrome and the Cross Origin Resource Policy

I have recently been working on web applications that need to access data via an API, but having my source locally and the data coming over the API, Chrome wouldn’t let me run the XHR request – although I had been mocking the data for development, I needed to test with the live data before the code went onto the server. For this, I came across two flags that be used to launch Chrome:


Putting a shortcut on my desktop with the target as:

"%ProgramFiles(x86)%GoogleChromeApplicationchrome.exe" --allow-file-access-from-file --disable-web-security

gave me exactly what I needed 🙂 If you have Chrome installed in your AppData folder, you will need to use:

"%LOCALAPPDATA%GoogleChromeApplicationchrome.exe" --allow-file-access-from-files --disable-web-security

instead – remembering that using your newly created shortcut will only work so long as there are no instances of Chrome already running.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s