Instead of file:///, use http://localhost:8000 and fetch() normally.
Example with Python:
python -m http.server 8000
The file:// protocol does not support CORS headers. Even if you try to fetch a local file from another local file, the browser blocks it with an error like: fetch-url-file-3A-2F-2F-2F
Access to fetch at ‘file:///C:/data.json’ from origin ‘null’ has been blocked by CORS policy. Instead of file:/// , use http://localhost:8000 and fetch()
Developers sometimes concatenate strings to form URLs, forgetting to encode or decode properly. For example: The file:// protocol does not support CORS headers
# Pseudo-code that could generate such output
base = "fetch-url-file:"
path = "///some/resource"
full = base + path # "fetch-url-file:///some/resource"
If they then mistakenly print or log the encoded version of this full string (applying percent-encoding to the colon and slashes), they might get fetch-url-file-3A-2F-2F-2Fsome%2Fresource.
But in the given keyword, there is no trailing path — it stops after three slashes, so it might be an incomplete or truncated log fragment.
If you disable webSecurity in Electron’s BrowserWindow, fetch() can access file:///.
Warning: This is dangerous for production apps.