9

I know how to disable chrome web security flag on Windows. But I'm on chromebook and have no idea how to disable XSS Auditor aka chrome web security flag on chromebook for pentesting.

Please help! Thanks!

Edit: This question address the fact that I want to disable security flags on chromebook, not android webview.

mehulmpt
  • 14,731
  • 12
  • 43
  • 83
  • Possible duplicate of [How to disable web security when using angularjs in android webview?](http://stackoverflow.com/questions/26418520/how-to-disable-web-security-when-using-angularjs-in-android-webview) – Paul Sweatte Jan 26 '17 at 14:30
  • 2
    @PaulSweatte Are you serious right now? – mehulmpt Jan 26 '17 at 19:05
  • Sorry, I don't know, but editing [the hosts file](http://superuser.com/questions/595267/hosts-file-for-chromebook) then [mapping the URLs](http://stackoverflow.com/questions/1138529/accessing-clients-localhost-from-javascript-online/1138614#1138614) would be a workaround. – Paul Sweatte Jan 26 '17 at 22:47
  • @PaulSweatte Did you even understand the question? You are commenting on a very different topic. – Horitty TechMasters Jun 03 '22 at 09:12

2 Answers2

1

Nevermind, I installed crouton and then used --disable-web-security flag. This can be done by installing ubuntu or any other linux distro and then using chromium there.

Chromebook natively does not support disabling web security flag.

mehulmpt
  • 14,731
  • 12
  • 43
  • 83
0

Now that Chromebooks support Linux. I "turned on" the Linux feature and installed Chrome inside the Linux container. I then used the command below to launch Chrome with Web security disabled.

google-chrome --user-data-dir=”/var/tmp/Chrome” --disable-web-security

Seems Chromebooks don't allow users to disable web security natively.

Horitty TechMasters
  • 89
  • 5