CORS Tester

Test Cross-Origin Resource Sharing (CORS) for any URL from your browser.

Request Configuration

URL

Presets:

Method

Custom Headers (optional, one per line: Header-Name: value)

About CORS

CORS (Cross-Origin Resource Sharing) is a security mechanism that allows or restricts web applications from making requests to a different domain than the one serving the web page.

CORS Allowed When:

Server sends Access-Control-Allow-Origin header
Origin matches or is wildcard (*)
For credentials, explicit origin is required

CORS Blocked When:

No Access-Control-Allow-Origin header
Origin not in allowed list
Preflight request fails