开发者

Disabling same-origin policy in Safari

For development purposes, I need to disable the same-origin policy in Safari (on Windows) on my machine.

In Chrome, this can be done 开发者_JAVA技巧by launching with the flag --disable-web-security. Is there an equivalent flag or hidden setting in Safari?


If you want to disable the same-origin policy on Safari (I have 9.1.1), then you only need to enable the developer menu, and select "Disable Cross-Origin Restrictions" from the develop menu.


Later versions of Safari allow you to Disable Cross-Origin Restrictions. Just enable the developer menu from Preferences >> Advanced, and select "Disable Cross-Origin Restrictions" from the develop menu.

If you want local only, then you only need to enable the developer menu, and select "Disable local file restrictions" from the develop menu.


goto,

Safari -> Preferences -> Advanced

then at the bottom tick Show Develop Menu in menu bar

then in the Develop Menu tick Disable Cross-Origin Restrictions


Unfortunately, there is no equivalent for Safari and the argument --disable-web-security doesn't work with Safari.

If you have access to the server side application, you can modify the https response headers to allow access. Mainly the Access-Control-Allow-Origin header. Modifying it will allow Safari to access the resource. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Access-Control-Allow-Origin for more information on the response headers that will help.


There is an option to disable cross-origin restrictions in Safari 9, different from local file restrictions as mentioned above.


For those debugging a site in iOS Safari with an iPhone plugged into a Mac and using the Mac's Develop menu to inspect the site on the phone, if the option for Disable Cross-Origin Restrictions is greyed out, follow these steps.

  • Click on the Safari menu on your Mac
  • Click on Preferences...
  • Click on the tab for Privacy
  • Remove the checkmark for Prevent cross-site tracking
  • Refresh the page on your phone
  • Put a sticky note on your computer with a reminder to put the checkmark back when you are done working

(Tested on iOS 15.3.1 and Desktop Safari 14.0.1)


Most of these answers are old. The latest Safari 14.0.2 (in 2021), has the option to Disable Cross-Origin Restrictions, however, it doesn't work if the paths have ../../ kind of path names; even though Safari correctly resolves to a local file path, it still doesn't permit loading the file, even though it exists. This is a recent bug in Safari 14 that didn't happen in 13.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜