Feature request: CORS - same origin policy whitelist

[Morten]

Hey!

Just wanted to propose adding a feature to Chromium (and hopefully propagate to Chrome). Working as a webdev I often come across situations where the server we need to connect to does not support adding the CORS headers. This is most prominent in enterprise situations where you need to connect to a vast array of different systems and appliances to get data from the API's. Quite often there is really no need to do so from a server as the API actions are well suited for AJAx-requests. 

Also for all us devs out there developing and testing on local or other environments not in production connecting to servers in other domains or subdomains is a pain.

Being able to add those sites to a whitelist so they are excepted from the CORS same origin policy will help a lot of people. If its also possible to on windows make this controllable via GPO (a registry entry or whatever), controlling wallboards and other types of "headless" systems that will be cumbersome to manually remote to add this to the browser will be a blessing. 

Thanks for your ears and great work!

Regards

Morten

[PhistucK]

1. You can always use a proxy.

2. For wallboards, I guess you can just use --disable-web-security. Not for normal browsing, of course.

3. Having a white list in the Developer Tools feature sounds like a nice idea. Anywhere else (beside group policy, I guess) can be abused.

You basically want the Internet Explorer zone feature...

☆PhistucK

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+unsubscribe@chromium.org.