Skip to content

Instantly share code, notes, and snippets.

@cb109

cb109/google_chrome_ignores_disable_web_security_flag.md

Created February 6, 2024 13:54
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cb109/1e9799ed6bb057c021568c21a88da2a1 to your computer and use it in GitHub Desktop.
Save cb109/1e9799ed6bb057c021568c21a88da2a1 to your computer and use it in GitHub Desktop.
Download ZIP
Google Chrome Launch Argument Order may matter
Raw
google_chrome_ignores_disable_web_security_flag.md

Google Chrome Launch Argument Order may matter

--disable-web-security VS --user-data-dir

Also see: https://peter.sh/experiments/chromium-command-line-switches/#disable-web-security

I came across an issue with running google-chrome to render some HTML file, where we are loading fonts from an external URL and to avoid CORS screaming at us we configured it like:

google-chrome --user-data-dir=/tmp/ --disable-web-security

so loading the fonts from another domain was allowed.

Now through a subtle change in our code, at some point the argument order was flipped to

google-chrome --disable-web-security --user-data-dir=/tmp/

which in some older versions of Chrome (probably between v96 and v120) resulted in just silently ignoring the --disable-web-security flag. Reordering as before fixed that issue.

Just writing this down for others to maybe stumble upon, took me a while to figure it out.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment