Because Polypane is a browser for developers, it has slightly different security settings compared to other browsers, and will allow more on localhost.
Invalid ssl certificates
For localhost, Polypane will silently allow self-signed certificates. On any other domain or for any other certificate error (like expired or the wrong host) Polypane will show a dialog showing you the url and the error and ask you if it should still open the page. It will do this once per certificate per session.
Cross origin resource sharing (CORS)
Polypane does not have any setting to disable or change cors settings. If you need this, please let us know your use case.
Content security policies (CSP)
To show pages in multiple panes within the same window, Polypane does not adhere to Content Security Policies. When using isolated panes, CSP is adhered to.
Servers can limit the amount of connections a single browser can make to them, but this is ignored in Polypane. This way you can view your website in multiple panes, even if the number of panes exceed the maximum number of concurrent connections allowed.
Is your question not answered?
Ask via Twitter, Slack or our contact form