# VSCode CORS

When debugging webUI projects in VSCode, it can be necessary to disable any CORS checking, so that VSCode can serve your app, while your backend API calls point elswhere.

Aside: For more information on how to debug Angular applications in VSCode, see this: <span data-annotation-inline-node="true" data-annotation-mark="true" data-card-url="https://oga.atlassian.net/wiki/spaces/~311198967/pages/135692290" data-inline-card="true" data-renderer-start-pos="259"><span aria-label="More information about this work item" data-testid="hover-card-trigger-wrapper">[<span class="_o5721jtm _1nmz9jpi _16d9qvcn _ca0qv77o _u5f31b66 _n3tdv77o _19bv1b66" data-testid="inline-card-icon-and-title"><span class="smart-link-title-wrapper">Debugging Angular in VSCode</span></span>](https://oga.atlassian.net/wiki/spaces/~311198967/pages/135692290)</span></span>

Any easy way to accomplish this, is to disable web security of the node runtime that is hosting the app (for VSCode).

To do this, add a --disable-web-security switch to the runtime arguments of your debug startup.

Below, is a launch.json file of an Angular project in VSCode. It contains a debug startup called, `start-scratchdev.` We add this line to it: `"runtimeArgs": ["--disable-web-security"]`

[![image.png](https://wiki.galaxydump.com/uploads/images/gallery/2025-03/scaled-1680-/OOXqdLHrNNqDvGse-image.png)](https://wiki.galaxydump.com/uploads/images/gallery/2025-03/OOXqdLHrNNqDvGse-image.png)

The above runtime argument addition allows the node hosting process of our debugger session, to let the app make API calls to a different origin.