How to launch HTML using Chrome at "--allow-file-access-from-files" mode?

Using a local server

While --allow-file-access-from-files allows swift debugging and development, it might cause security vulnerabilities.

By default, web documents shouldn't interact with your local file:/// resources. A safer, more effective approach to grant file access is by using a local HTTP server.

Installing a local HTTP server

You can use either http-server with npm or Python's SimpleHTTPServer module as follows:

npm install http-server -g  # npm package
python -m SimpleHTTPServer  # Python package


After navigating to your project directory, you can start serving files:

http-server  # Launch the server here and it's party time!


Opening pages in a local server

Your HTML files served through a local server will be available on http://localhost:8000, presented with accurate AJAX calls and CORS handling, resembling a true web environment.

Inescapable usage of the "--allow-file-access-from-files" flag

If using a local server is not an option for your case, and you're sure you want to use --allow-file-access-from-files, do it responsibly:

1. Verify the path to your Chrome installation. Check this via chrome://version.
2. Close all instances of Chrome before running the command. Ghosts of Chrome-past can be stubborn!
3. When running the command, use the correct executable. Sometimes chrome.exe feels too mainstream!

Proceed with caution

Security should be your best friend

--allow-file-access-from-files should be used prudently. Always scrutinise what you're going to test before you dive into the deep end.

Is the flag working as expected?

Don't count your chickens before they hatch! After using the flag, ensure everything works as expected by checking the console for errors in the Chrome DevTools.

Don't leave your backdoor open

After testing, make sure to close Chrome and launch it in standard mode. An excellent cook should always clean the kitchen afterward!