view-source in href shows error in console

Question

<a href="view-source:http://stackoverflow.com">Click Me</a>

This used to work as a valid href attribute but it seems in the past few months it now shows an error in the console (I'm using Chrome):

Not allowed to load local resource: view-source: http://stackoverflow.com

I found some links from 2013 where this was once a bug in Chrome but said it was fixed.

Could someone point me to an authoritative source that can explain why this no longer works? I assume that this is security by the browser and not an angular issue (since view-source is whitelisted and used to work)

Answer 1

Looks like Chrome and Firefox (at least) disabled this within the past year or so

I found this thread, and these release notes explaining why and provides a timeline as to when the change took place.

---

Related StackOverflow question: File URL "Not allowed to load local resource" in the Internet Browser

Answer 2

Chrome responds with the "Not allowed to load local resource:" as a security protocol. I'm not sure why this used to work, but not now, though there is no real way around this unless web-security is disabled. There may be a different outcome on other browsers, but ultimately you are correct in thinking that it's Chrome's security.