Don't let CORS checks stop your web client!

· Christopher Hoelter's Blog

How to disable google chrome security features in order to disable CORS checks.

Have you ever wanted to hit an api from a locally running client, except you kept running into CORS errors? Here's how to disable the CORS checks entirely on google chrome on a windows operating system to bypass that. Use at your own risk, as this does disable some browser security and isn't recommended for daily browsing.

Instructions for disabling CORS checks on Windows #

  1. Create or copy a google chrome shortcut on the desktop.
  2. Right click on the shortcut and go to properties.
  3. Modify the launch line adding these arguments to the command: --disable-web-security --disable-features=IsolateOrigins,site-per-process --user-data-dir="C://ChromeDev" The full command should look like "C:\ProgramFiles\Google\Chrome\Application\chrome.exe" --disable-web-security --disable-features=IsolateOrigins,site-per-process --user-data-dir="C://ChromeDev".
  4. Use the shortcut to launch google chrome.

That's it! Similar instructions should work on other operating systems as well with the same google chrome launch arguments.


Please leave a comment or drop a message at https://lists.sr.ht/~hoelter/public-inbox. Email me directly at blog@christopherhoelter.com.