Context: I'm trying to run a local copy of this Diceware password generation site, and I'm currently getting a non-functional page with no CSS. Inspect Element tells me that most of the webpage is getting blocked due to CORS policy. I know there's ways around this; a similar question talks about how launching Chrome with --disable-web-security --user-data-dir or running a web-server using Python will allow one to achieve the intended results.
If possible, I'd really rather not do any of that, and instead just be able to double-click on the index.html file and have it work. Is there a modification I can make to my current Chrome installation that will make this possible? I've been trying to make this extension do what I want it to do, but even when it's set to allow everything, it still doesn't seem to work.
I'd prefer a solution that allows me to whitelist just this one local file and/or its containing directory, but just about anything is fine so long as it A) doesn't cause security issues when browsing the web itself and B) doesn't require special effort (e.g. launching a web-sever on my machine) to view this page.
Best Answer
As it so often happens, I've found an answer almost as soon as I've gone to ask for help. Not perfect, but it works okay. Adding
--allow-file-access-from-files --allow-file-access --allow-cross-origin-auth-promptto Chrome's launch flags (which, to my understanding, allows files on one's local machine to be opened, to open other local files, and to bypass CORS policy) accomplishes basically what I want.This does still allow all local files to do this, so it isn't perfect, but it's much better than allowing any file on either the local machine or the Web to do so. Putting this here if anybody else is searching for a similar answer, although I'm still searching for a better answer if one happens to exist.