Header set Access-Control-Allow-Origin "*"
# Python 3 python -m http.server 8000 python -m SimpleHTTPServer 8000
The root cause is Chrome's security policy. The cleanest solution is to use a local web server instead of opening XML files directly from disk. chrome unsafe attempt to load url xslt
<?xml version="1.0"?> <?xml-stylesheet type="text/xsl" href="data:text/xsl,<xsl:stylesheet%20version='1.0'%20xmlns:xsl='http://www.w3.org/1999/XSL/Transform'><xsl:template%20match='/'>...</xsl:template></xsl:stylesheet>"?> File structure:
<?xml version="1.0"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <html><body> <h2>Items:</h2> <xsl:for-each select="root/item"> <p><xsl:value-of select="."/></p> </xsl:for-each> </body></html> </xsl:template> </xsl:stylesheet> Header set Access-Control-Allow-Origin "*" # Python 3 python
project/ ├── data.xml └── style.xslt
app.use((req, res, next) => res.header("Access-Control-Allow-Origin", "*"); next(); ); Embed the XSLT as a data URI: ?xml-stylesheet type="text/xsl" href="data:text/xsl
Then open http://localhost:8000/data.xml