Skipping CORS Constraints with Google Chrome

For those willing to develop some quick and dirty app, but CORS knocks at your door — maybe you’re developing something on React, with a backend elsewhere…

Chrome has an old (AND UNSAFE) way to help you there with these two command line parameters:

— disable-web-security will disable all these checks, but it can only be used if you tell chrome which data-dir to use (please don’t use yours, ok?)

— user-data-dir, in this context, becomes mandatory. I suggest using /tmp/something

This is the command line in a Mac

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security --user-data-dir=/tmp/chrome_tmp

Upon triggering it, you will be asked to allow submission of statistics and all those 1st launch stuff (natural if you are using a new data-dir).

Finally, you get the following chrome window (please notice the message below the main toolbar)

Voilá — no CORS constraints for you.

Have fun — Please use for development only.