If you are like myself and leave the server-side stuff to those who like doing that type thing (well, I dabble here and there) then you love to find ways to avoid asking them to do stuff for. In the world of HTML 5 mobile application development you are always integrating with some service and often its cross-domain. If for some reason your cross-domain calls are not using JSONP but perhaps regular JSON or SOAP/XML you will immediately run into problems testing your mobile application within Chrome.

Chrome is really where you want to do your development as it takes too much time to compile an app and load onto a device just so you can test though yes, you do ultimately want to test on-device. WEINRE takes some of the pain out but it still has a mild sting to it. Anyway you can still use Chrome for your cross-domain non JSONP requests. Just start it up with a switch to disable web security – the switch is:


What I do is have two shortcuts on my desktop – a normal one for Chrome in all of its default glory, and another one specifically for development that will launch Chrome with its web security feature disabled.

So how does one go about using this handy switch/feature? First, create a shortcut on your desktop to Chrome. Don’t know how to do that? Well my friend, thats what Google is for. Next, make a copy of the shortcut – rename it to something obvious, for example “Chrome Security Disabled” or similar.

Next right-click and choose properties. You should see something like this:

Next, note the field that is hilited – the one labeled “Target”. That’s the path to the Chrome executable. type a space after the exe and paste in the switch as seen below:

Hit “Apply”, then “OK”. Thats it!

There are many more switches that you can use, they are documented at the Google Chrome Repository.

Don’t forget that you have to make sure you kill all chrome instances first, or the command line switches won’t have any effect. In VISTA if you have an instance of Chrome open and try to edit the target of a shortcut the edit won’t take. Again, close all Chrome instances first.

Also don’t’ forget that you have security disabled! Its easy to think everything works fine in Chrome when it won’t in the real world and can be a source of frustration when you wonder why your app works on your computer but not when deployed to a server. Another impact of forgetting that you have lowered your security is browsing the Internet in general – you will need to completely shutdown Chrome and then start a “normal” Chrome instance to regain previously disabled security features.