Tuesday, December 14, 2021

avoiding CORS ups..

bad practices

How  to  avoid CORS error on google-chrome-stable version >= 96.0.4664.93

1 - execute google chrome by cli in this way:

google-chrome --disable-web-security --user-data-dir=/tmp


2 - access to this URL in the new chrome opened: chrome://flags/#reduced-referrer-granularity

and disable web security.

search by: 

"

Block insecure private network requests.

Prevents non-secure contexts from making sub-resource requests to more-private IP addresses. An IP address IP1 is more private than IP2 if 1) IP1 is localhost and IP2 is not, or 2) IP1 is private and IP2 is public. This is a first step towards full enforcement of CORS-RFC1918: https://wicg.github.io/cors-rfc1918 – Mac, Windows, Linux, Chrome OS, Android


"



See Also:

- https://developers.google.com/web/updates/2020/07/referrer-policy-new-chrome-default
- https://chromestatus.com/feature/6251880185331712


No comments:

Post a Comment