Serge Seletskyy Serge Seletskyy - 3 months ago 10x
Ajax Question

canary --disable-web-security doesn't work any more for ajax requests in AngularJS project

Starting canary with argument --disable-web-security does not help any more to send cross domain AJAX requests while developing on localhost

I see a message in console

XMLHttpRequest cannot load http://[some-domain-name].com.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:3100' is therefore not allowed access.

How can I set header for ajax request in AngularJS project?

P. S. I use an alias to start canary with required args

alias canary="open -a \"Google Chrome Canary\" --args --disable-web-security"



Working solution: use the command open -a Google\ Chrome\ Canary --args --disable-web-security --user-data-dir=$HOME/profile-folder-name.

Explanation: --disable-web-security now requires the use of the --user-data-dir flag.

Windows command: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --user-data-dir=%USERPROFILE%\profile-folder-name

This seems to be a bug only in Canary (works as expected in latest stable Chrome). Chrome sees the flag and displays the warning but fails to allow cross domain requests. It did work a couple of days ago.

I reported the issue: