Recently I’ve been developing an AngularJS application that requires access to an api from another sub domain. Since the API is another sub domain, Chrome complains that it is a CORS violation, automatically disallowing the request. This causes the application to hang forever because the route is dependent on calling this api first. What I decided to do was look up how to circumvent CORS in Google Chrome to test that it works correctly. I only need to do this locally, since I already authorized the live production version to work correctly.
The command I found was from a Stack Overflow request.
open -a Google\ Chrome --args --disable-web-security --user-data-dir.
google-chrome --args --disable-web-security --user-data-dir
chrome.exe --args --disable-web-security --user-data-dir
The later versions of Chrome say
--disable-web-security has been depreciated, but it still works. The flag
--use-data-dir appears to be required for CORS to be disabled.
Currently working on learning more about how to disable in Firefox, Safari, and ie11/edge. I may just commit to using Chrome locally, and checking the production version from the rest of the browsers.