在 Chrome 中禁用同源策略

关闭 chrome(或 Chromium)并使用 --disable-web-security 参数重新启动.我刚刚对此进行了测试，并验证了我可以访问嵌入在localhost"(在chromium 5/ubuntu 下测试)提供的页面中的 src="http://google.com" 的 iframe 的内容.对我来说，确切的命令是:

Close chrome (or chromium) and restart with the --disable-web-security argument. I just tested this and verified that I can access the contents of an iframe with src="http://google.com" embedded in a page served from "localhost" (tested under chromium 5 / ubuntu). For me the exact command was:

注意:在运行命令前杀死所有 chrome 实例

chromium-browser --disable-web-security --user-data-dir="[some directory here]"

浏览器第一次打开时会警告您您正在使用不受支持的命令行"，您可以忽略.

The browser will warn you that "you are using an unsupported command line" when it first opens, which you can ignore.

来自铬源:

// Don't enforce the same-origin policy. (Used by people testing their sites.)
const wchar_t kDisableWebSecurity[] = L"disable-web-security";

在 Chrome 48 之前，您可以只使用:

Before Chrome 48, you could just use:

chromium-browser --disable-web-security