Bypassing “cross-origin request”-errors on testing a web service locally

Developing a website with a REST-backend and XHR-requests to retrieve data from the underlying database requires a lot of early-on local testing. However, in this case the resource is coming from a different origin and modern web browsers block them (CORS error). Is there any way to bypass this behaviour in the development stage?
2 answers

There are certain addons for almost all common web browsers to ignore these CORS-errors and allow those requests even if there is no security header present. For testing purposes in my projects I’m using the “Moesif Origin & CORS Changer” addon, which is available in the Chrome addon store. It either allows to deactivate CORS-checks as a whole or on specific web pages (e.g. localhost).

Comments

I tried this CORS regulator out in the browser and it seemed to be a good solution for it.
Before that, this problem occurred only directly in the backend while I was developing a distributed system.

Cordula Thekla ... - Mon, 11/25/2019 - 23:43 :::