[Solved] How to launch html using Chrome at “–allow-file-access-from-files” mode?

I have the same situation with HERE

And to solve this problem I have to launch html file using Chrome at “–allow-file-access-from-files” mode.
I tried next steps many times, but it doesn’t work.

  1. start cmd under windows 7
  2. direct to chrome.exe folder
  3. do this chrome --allow-file-access-from-files file:///C:/test%20-%203.html
Enquirer: AmyWuGo


Solution #1:

Search for the path of your Chrome executable and then, on your cmd, try :

> "C:PathToChrome.exe" --allow-file-access-from-files


As I see on your question, don’t forget that Windows is a little bit similar to Unix, so when you type “chrome …”, cmd will search for Chrome in the PATH, but in general the Chrome folder isn’t on the PATH. Also, you don’t specify an extension for your executable… So if you move to Chrome’s folder, this command will probably work too :

> .chrome.exe --allow-file-access-from-files
Respondent: Mohamed Amine

Solution #2:

That flag is dangerous!! Leaves your file system open for access. Documents originating from anywhere, local or web, should not, by default, have any access to local file:/// resources.

Much better solution is to run a little http server locally.

— For Windows —

The easiest is to install http-server globally using node’s package manager:

npm install -g http-server

Then simply run http-server in any of your project directories:

Eg. d:my_project> http-server

Starting up http-server, serving ./
Available on:
Hit CTRL-C to stop the server

Or as prusswan suggested, you can also install Python under windows, and follow the instructions below.

— For Linux —

Since Python is usually available in most linux distributions, just run python -m SimpleHTTPServer in your project directory, and you can load your page on http://localhost:8000

In Python 3 the SimpleHTTPServer module has been merged into http.server, so the new command is python3 -m http.server.

Easy, and no security risk of accidentally leaving your browser open vulnerable.

Respondent: orszaczky

Solution #3:

You may want to try Web Server for Chrome, which serves web pages from a local folder using HTTP. It’s simple to use and would avoid the flag, which, as someone mentioned above, might make your file system vulnerable.

Screenshot of Web Server for Chrome

Respondent: Gail Parsloe

Solution #4:

As of this writing, in OS X, it will usually look like this

"/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" --allow-file-access-from-files

If you are a freak like me, and put your apps in ~/Applications, then it will be

"/Users/yougohere/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" --allow-file-access-from-files

If neither of those are working, then type chrome://version in your Chrome address bar, and it will tell you what “command line” invocation you should be using. Just add --allow-file-access-from-files to that.

Respondent: Clay Bridges

Solution #5:

Don’t do this! You’re opening your machine to attacks. Instead run a local server. It’s as easy as opening a shell/terminal/commandline and typing

cd path/to/files
python -m SimpleHTTPServer

Then pointing your browser to


If you find it’s too slow consider this solution

Respondent: gman

Solution #6:

If you are using a mac you can use the following terminal command:

open -a Google Chrome --args --allow-file-access-from-files
Respondent: taz

Solution #7:

Quit (force quit) all instances of chrome. Otherwise the below command will not work.

open -a "Google Chrome" --args --allow-file-access-from-files

Executing this command in terminal will open Chrome regardless of where it is installed.

Respondent: Matt Perejda

Solution #8:

REM Kill all existing instance of chrome 
taskkill /F /IM chrome.exe /T
REM directory path where chrome.exe is located
set chromeLocation="C:Program Files (x86)GoogleChromeApplication"
cd %chromeLocation%
cd c:
start chrome.exe --allow-file-access-from-files

save above lines as .bat file

Respondent: YJDev

Solution #9:

Depending on the file which will be put into filesystem, as long as that file is not a malware, then that would be safe.

But don’t worry to write/read file(s) to File System directory, cause you can tighten that directory security (include it’s inheritance) by give a proper access right and security restriction. eg: read/write/modify.

By default, File System, Local Storage, and Storage directory are located on “Users[Current User]AppDataLocalGoogleChromeUser DataDefault” directory.

However you can customize it by using “–user-data-dir” flag.

And this is a sample:

"C:Program Files (x86)GoogleApplicationchrome.exe" --user-data-dir="C:Chrome_DataOO7" --allow-file-access-from-files

Hope this helps anyone.

Respondent: OO7

Solution #10:

Well there is quick to run a html which needs permission or blocked by CORS
Just simply open the folder using VSCODE and install an extension called “live server”

And then just click on the bottom which says go live, thats it.

Respondent: Prosenjeet Paul

Solution #11:

On windows:

chrome --allow-file-access-from-files file:///C:/test%20-%203.html

On linux:

google-chrome --allow-file-access-from-files file:///C:/test%20-%203.html
Respondent: Bonn

The answers/resolutions are collected from stackoverflow, are licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0 .

Leave a Reply

Your email address will not be published.