Chrome: Disable same origin policy for localhost

5
votes

I'm developing a phonegap/cordova app, it is not bound by same origin policy for the sites I care about. I use the chrome browser for fast development, which I cannot do if it is bound by same origin policy. There is a great 3 year old answer on how to completely disable the cross origin policy. But having a browser opened with completely disabled web security seem like a recipe for disaster.

Since the anser is 3 years old I'm hoping there might now be a way to disable same origin policy on a per URL basis. Either that all webpages at localhost is fine to use cross origin or that it's always okay to request data from www.example.com and www.otherexample.com?

1
javascriptgoogle-chromecordovasame-origin-policy
Don't "disable" anything, just follow standards: use CORS. en.wikipedia.org/wiki/Cross-origin_resource_sharingDavid-SkyMesh
Ditto - use CORS if you can (the remote server has to support it). You can use Ripple.Raymond Camden
This is a development environment so the origin is localhost. How do you support this special case with CORS ?Chris

1 Answers

0
votes

You can use fiddler, one of it's auoto responder options is to fake cors respnce, omong many more. I use it quite a bit. It can alsow fake an api responce with a local file, i find it quite invaluable when developing frontend before backand is ready.