Monday, June 11, 2007

Enabling Cross-Domain AJAX in Firefox

Tonight I have finally conquered one of the biggest annoyances of the past year for me (in terms of development at least). Developing web applications with Firefox is a pleasure because of the Firebug extension. Nothing comes close in Safari. Unfortunately, Firefox doesn't allow cross-domain XMLHttpRequests for security reasons. While good security is a plus, this restriction can make development and testing a real chore. For those of us willing to risk the security vulnerability, here is how to bypass the cross-domain restriction once and for all:

1. Close Firefox

2. Edit the file prefs.js in your Firefox user profile folder

3. Add the following line anywhere in the file

user_pref("capability.policy.default.XMLHttpRequest.open", "allAccess");

4. Save the file and re-open Firefox. You can now risk your life and limb by doing XHRs to whatever domains you want - congratulations!
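An added example, not part of the original post: a small Python audit that parses prefs.js-style content and reports every capability.policy.* preference set to allAccess, so the override from step 3 can be found and removed once testing is done. The function names and the sample profile content are constructed for illustration.

```python
import re

# Matches one line of prefs.js / user.js: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)*)"\s*,\s*(.*?)\s*\)\s*;\s*$')
PREFIX = "capability.policy."


def parse_prefs(text):
    """Return {pref_name: value} for every user_pref line; strings are unquoted."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = m.group(1), m.group(2)
        if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
            raw = raw[1:-1]
        prefs[name] = raw
    return prefs


def find_allaccess_overrides(text):
    """List (policy, target, pref_name) for capability.policy.* prefs set to allAccess."""
    findings = []
    for name, value in parse_prefs(text).items():
        # Value compared case-insensitively: an audit should err towards reporting.
        if not name.startswith(PREFIX) or value.strip().lower() != "allaccess":
            continue
        policy, _, target = name[len(PREFIX):].partition(".")
        findings.append((policy, target, name))
    return sorted(findings)


# Constructed sample profile content (not taken from a real profile).
# "testpolicy" is a made-up policy name on a commented-out line.
SAMPLE_PREFS = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("capability.policy.default.XMLHttpRequest.open", "allAccess");
// user_pref("capability.policy.testpolicy.XMLHttpRequest.open", "allAccess");
user_pref("network.cookie.cookieBehavior", 1);
'''

if __name__ == "__main__":
    for policy, target, name in find_allaccess_overrides(SAMPLE_PREFS):
        print(f"policy={policy!r} target={target!r} pref={name}")
```

To check a real profile, pass the contents of its prefs.js (and user.js, if present) to find_allaccess_overrides.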

4 comments:

Anonymous said...

Nice one, well done lad. Been looking for a way to circumvent the convoluted "official" signed script way of doing this for a while.

Mike D said...

Yeah, it took me a really long time to figure this out, and every other way seems to be just annoying. In my opinion it should be a preference that can be set from within Firefox.

stefano said...

Good trick, but there's an easier way to enable cross-domain without editing config files by hand.

Type "about:config" in your URL bar.
Right-click on the list of preferences and select the "New->String" contextual menu.

Add capability.policy.default.XMLHttpRequest.open as key name and allAccess as value.

PS. I do not remember if this is taken into account immediately or if you have to reboot.
Also notice this pref will *not* show there, but it's well into your prefs.js (check it out if you want).

Done!
