Disable web security in Chrome

When building a front end on your APIs, you can run in to some trouble with web security (mainly with CORS). Which is a good thing, but you do not always want this when running your application on localhost.

So while developing, you can use plugins to disable CORS for certain websites (i.e. localhost). However, it is also possible to start a Chrome browser with web security disabled.

The easiest way to do this is to start Chrome from the command line or create a new shortcut running this command. Personally I prefer to start/stop this specific Chrome instance from my terminal.

You need to enter the path to Chrome and add --disable-web-security. When you do this, you will also need to provide --user-data-dir with a path. In my case I create a tmp directory.

Chrome will show a bar at the top of the window, telling you web security is disabled.

The advantage of this, is that you can delete all the browser related stuff with just a simple rm -rf ./tmp. After you delete the tmp dir and relaunch Chrome, it will start like it is a fresh install. This can have other benefits, like cleared cache and cookies, as well.