app.use((req, res, next) => res.header("Access-Control-Allow-Origin", "*"); next(); ); Embed the XSLT as a data URI:
<?xml version="1.0"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <html><body> <h2>Items:</h2> <xsl:for-each select="root/item"> <p><xsl:value-of select="."/></p> </xsl:for-each> </body></html> </xsl:template> </xsl:stylesheet> chrome unsafe attempt to load url xslt
Header set Access-Control-Allow-Origin "*" add CORS headers. Then open http://localhost:8000/data.xml
cd project python -m http.server 8000 # Open http://localhost:8000/data.xml | Fix | Best for | Difficulty | |-----|----------|------------| | Relative paths | Same folder structure | Easy | | Local web server | Development/testing | Medium | | Disable web security | Quick local test only | Easy (risky) | | CORS headers | Production servers | Medium | | Data URI | Very small XSLT | Hard | chrome unsafe attempt to load url xslt
project/ ├── data.xml └── style.xslt
# Windows chrome.exe --disable-web-security --user-data-dir="C:/chrome_dev" open -n -a /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --args --user-data-dir="/tmp/chrome_dev" --disable-web-security Linux google-chrome --disable-web-security --user-data-dir="/tmp/chrome_dev" Solution 4: Enable CORS on Your Server If you control the server hosting the XSLT file, add CORS headers.
Then open http://localhost:8000/data.xml