Overcoming security safety constraints
Security is the enemy of usability.
The Internet has grown a lot, and with it, the need for security. However, to a developer, that security can be a serious barrier at times.
Fortunately, there are ways around it, in hidden settings and tools that will allow you to "open the hood" so you can work on the engine.
Obviously, this only affects you. It will not override the security settings of other people using your site. But during development, it can be a lifesaver...
Because... sometimes, the guards are the problem.
Including Insecure Sources
Lets say you're building your Webflow site, and running it on Webflow's servers.
But you're doing some script development, and that script happens to be on your local computer, using a local webserver.
You need to be able to view your website, but while it includes a local script, so that you can develop with your script acting on you staged site.
Your Webflow site is SSL secured, running on the https: protocol. Your locally-served script files... are not. They're on http:
This presents a problem.
But by default, Chrome will not allow you to include an insecure script in a secure site. Because... security.
In this situation, it's quite difficult to create and register legitimate SSL certificates that will allow Chrome to see your local site as secure.
Fortunately, there's an easier way.
And yes, this is weird.
When you get the error telling you that you cannot access this file, click anywhere on your webpage, and type these letters.
t h i s i s u n s a f e
This is a magic string of characters in Chrome, that will tell it to override its default security restrictions. Let me be clear... you will not be prompted. There is no visible setting. There is no box to type it into.
It's just... magic. Cool, eh?
Overriding CORS
For this, I find a browser extension works best.
FAQs
Answers to frequently asked questions.