open -n -a /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --args --user-data-dir="/tmp/chrome_dev_session" --disable-web-security
"You are using an unsupported command-line flag: --disable-web-security. Stability and security will suffer."
For developers who need this feature frequently, typing the command every time is inefficient. You can create a macOS "App" shortcut using Automator.
Opens a ( -n ) instance of the Application ( -a ) "Google Chrome". --args chrome disable cors mac
Forces Chrome to use a temporary profile folder. This prevents the "insecure" session from affecting your primary passwords, history, and bookmarks. 3. Alternative: Using a Browser Extension
#!/bin/bash open -n -a /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --args --user-data-dir="/tmp/chrome_dev_test" --disable-web-security
Upon launching, you will see a warning banner at the top of the browser window: open -n -a /Applications/Google\ Chrome
If command-line access is restricted or you prefer a UI-based approach, browser extensions can manage CORS headers.
The primary flag that turns off the Same-Origin Policy (SOP) and CORS checks. --user-data-dir="/tmp/chrome_dev"
Save this script as chrome-no-cors.sh :
This report details the procedure for disabling Cross-Origin Resource Sharing (CORS) security policies in Google Chrome on macOS. This action is typically required for local development, testing API integrations, or accessing resources on different domains without a backend proxy.
Using these specific arguments is necessary because modern versions of Chrome require a unique "User Data Directory" to respect the security-disabling flag. open -na "Google Chrome"