views:

2295

answers:

7

I want to develop JS on my windows machine. Do you know a browser where I can turn off SOP so I can develop? Firefox would be optimal.

Or if you know a proxy I could use for a SOAP/WSDL site it would be great too..

I am trying to work with the SOAPClient (http://www.codeplex.com/JavaScriptSoapClient)

+1  A: 

http://en.wikipedia.org/wiki/Cross-Origin_Resource_Sharing

DrJokepu
The section of the article you link to doesn't seem to exist anymore.
Dusty Campbell
@Dusty Campbell: Thanks, I've updated the link.
DrJokepu
A: 

Firefox would be optimal.

If you can live with Internet Explorer, you may be able to use an .hta application

http://msdn.microsoft.com/en-us/library/ms536496(VS.85).aspx

(This is one of the ways the Selenium test automation tool deals with the issue)

Paul
+1  A: 

Make a page on your local server that calls the remote server and answer the same as the remote server.

Example, javascript calls local server for a JSON. The local server makes the call to the remote server for that JSON. The local server receives the JSON from the remote server and send it to the javascript.

dan
A: 

All of the given answers are good ones when it comes to getting around the same origin policy in production.

For development, there is no convenient way to "disable" this security check. There are workarounds (see other answers) or hacks (you could use Greasemonkey to wrap up the JavaScript and use their GM_xmlhttprequest as a temporary measure), but no way to actually "turn it off" as you describe.

singpolyma
A: 

You can also redirect a local port to the remote server and port via ssh.

A: 

I have no real experience with this, but FireFox 3.5 allows Cross-Site JS according to the W3C Cross-Origin Resource Sharing Draft.

See: https://developer.mozilla.org/En/HTTP_access_control

wilth
+2  A: 

In Firefox (might apply to other Gecko-based browsers as well) you can use the following JavaScript snippet to allow cross-domain calls:

if (navigator.userAgent.indexOf("Firefox") != -1) {
    try {
        netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead");
    } 
    catch (e) {
        alert("Permission UniversalBrowserRead denied -- not running Mozilla?");
    }
}

It looks like there's an issue created in the Chromium issue tracker for achieving the same functionality, so you could try starting Chrome with the argument --disable-web-security. I don't know which builds this works on exactly, but at least Nokia's WRT Tools comes with a Chrome installation that does in fact allow loading content from other sites.

miek
This is, indeed, the way to test your code. Pops up a warning and then Just Works. Thanks so much!
Shermozle