Reputation:
Disable Firefox Same Origin Policy without installing a plugin
Is there a way to disable the same origin policy on the Mozilla Firefox browser by toggling a flag in the browser?
This is strictly for development, for not production use.
Please note:
A similar question asked 3+ years ago yielded an accepted answer that recommends users to install a plugin. I consider this less secure and more cumbersome than toggling a flag (e.g. in the about:config, or passing a parameter when starting the browser like in Chrome).
Upvotes: 37
Views: 58221
Answers (4)
Reputation: 86
So I wasn't able to do this using Firefox. I was able to do this inside of chrome using the following. My purpose was for testing endpoint access to a server without CORS being setup.
google-chrome disable-web-security -allow-file-access-from-files — allow-file-access
Your google chrome executable can vary to whatever you have linked it to.
Source: https://medium.com/@siddhartha.ng/disable-cross-origin-on-chrome-for-localhost-c644b131db19
Upvotes: -3
Reputation:
After having tried to find a Firefox setting for various hours, and after having opened a bounty, I think the right answer to this question is:
At the moment of writing (March 2018), it is not possible to disable the same policy origin in Firefox by simply setting a flag.
I would personally recommend people to use Chrome instead for this kind of work, because disabling this setting is very easy, quick and doesn't involve installing third-party software.
Upvotes: 19
Reputation: 402
Rather than directly answer your question, this alternative might be viable if you also have ownership of the server
Get your server to add the following response header. (+ Apply a DevOps process or piece of code to ensure only apply this code during development)
Access-Control-Allow-Origin
.. With the value of your origin domain, e.g.
http://example.com or alternatively * for all domains.
Upvotes: 6
Reputation: 1745
There is a boolean in Mozilla Firefox that should allow toggling of the same origin policy called security.fileuri.strict_origin_policy.
Go to about:config in your browser and accept the risk:
Then search for security.fileuri.strict_origin_policy and double click it to toggle it to false like so:
I have not tested this but in my experience, this is the flag controlling the same origin policy.
Upvotes: 14
Related Questions
- Disable firefox same origin policy
- Disable cross domain web security in Firefox
- Disabling same-origin policy in Safari
- How to enable CORS on Firefox
- CORS and web extensions
- Firefox Cross Domain Request
- Disable Same-Origin Check in FireFox 6
- Anyway to bypass same origin policy?
- circumvent the same origin policy using a browser plugin
- How to disable specific http-requests to non origin based url's?