When you try to use a module in an HTML page without using a Web Server, a CORS (Cross-Origin Request Blocked) violation message pops in the console. But why is that? Why is it a big deal? I've heard you can disable it in the browser, but I really want to know why it's a default measure.
If you try to run the following file in a browser without a web server, this message pops in: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file: [path of the file]. (Reason: CORS request not http)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
<script src="objects.js" type="module"></script>
</head>
<body>
<button id="button" >test</button>
</body>
</html>
