When I turn off security entirely in Chrome, it has no effect.
Safari has similar option, it does it.
I would get no CROS error during development of the frontend web app.
I would do it from GUI not from terminal starting with some exotic option. Not like this: Disable same origin policy in Chrome
To solve the issue, you have the following options:
Deploy the app on the same server or domain as the service that you want to call, so that both resources are in the same origin (if possible)
Set the CORS-relevant response headers on the remote system (if possible)
Disable the same-origin policy in the browser for local testing
In Google Chrome, you can easily disable the same-origin policy of Chrome by running Chrome with the following command: [your-path-to-chrome-installation-dir]\chrome.exe --disable-web-security --user-data-dir. Make sure that all instances of Chrome are closed before you run the command. This allows all web sites to break out of the same-origin policy and connect to the remote service directly.
Refe: This link
