eielffflmdghikanjdokdodefeopfdip
🚀 Easily unblock Cross-Origin Resource Sharing (CORS) restrictions with just one click! Are you tired of seeing CORS errors while accessing APIs, testing web applications, or debugging your projects? The CORS Unblock extension helps you bypass restrictive CORS policies by modifying HTTP response headers, allowing access to restricted resources. 🔹 What This Extension Does: ✅ Removes CORS restrictions on all websites ✅ Automatically adds the Access-Control-Allow-Origin: * header ✅ Works on APIs, JavaScript fetch requests, and browser requests ✅ One-click enable/disable functionality 🔹 Who is This For? Developers testing APIs and making cross-origin requests Web Designers embedding content from different origins Researchers analyzing cross-domain data Anyone frustrated with CORS errors in Chrome 🔹 How to Use: 1️⃣ Install the extension 2️⃣ Click the CORS Unblock icon in the toolbar 3️⃣ Toggle the extension ON/OFF as needed 4️⃣ Enjoy unrestricted access to APIs and websites This extension only modifies response headers, it does not compromise security. Some websites may still enforce strict CORS policies server-side. Disable the extension when not in use to prevent conflicts with other browsing activities. 💡 Need Support? If you have any issues or feature requests, feel free to leave a review!
Anti-CORS, anti-CSP
Enable cross origin requests blocked by CORS or CSP. Disable CORS and CSP in selected hostnames, preserve security of other websites The extension enables cross origin requests with fetch() or XMLHttpRequest (XHR) objects that are blocked by CORS policy or violate the document’s Content Security Policy. It is an easiest way to solve CORS errors during development. Internally the extension bypasses Cross-Origin Resource Sharing (CORS) and Content Security Policy (CSP) by setting permissive Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Allow-Credentials and Content-Security-Policy response headers. User guide: Click the extension icon in the tab with the URL on which you want to enable cross-origin requests. CORS policy gets disabled in all the tabs with the same hostname. The tabs with web pages from other hosts are not affected. Any fetch() or XHR requests will succeed unless they are blocked by CSP. To disable CSP the pages have to be reloaded. Typical use case: You develop an enterprise web application whose functionality depends on already existing web services. The production environment has the same hostname as the web services, but the development environment is set up in your office and has a different hostname. The web services do not support the cross-origin requests. Thus, in the development environment HTTP requests to the essential web services are prevented by the CORS mechanism in the browser. You can imagine a solution based on a reverse proxy and the environment-dependent URLs for the REST services, or you can opt for the effortless solution not to do anything more than installing a browser extension. Not only CORS, but also CSP prevents cross-origin requests. A strict CSP is an increasingly common security requirement. As with CORS, you could set up different policies for the development and production environment, but it is easier to use an extension instead of configuring environment-specific application settings. How this extension is better than other extensions: - The extension is domain-specific. Cross-origin requests gets enabled, i.e. CORS and CSP get disabled, not globally in all browser tabs, but only in the tabs with the hostnames that you have selected by clicking on the extension icon. Thus, the extension does not compromise the security of all websites opened in your browser. - The extensions is open source and, thus, is safe. - The extension relaxes both CORS and CSP. - Cross origin requests with cookies are supported. The extension sets not an asterisk but the exact origin in the Access-Control-Allow-Origin header. - The extension does not disrupt function of any popular websites such as Youtube.com or Google Docs - The extension does not have any settings and does not need to be configured. - Besides the icon, the extension does not have any user interface. How to test a CORS extension There are two criteria: - Cross origin requests become possible. You can test all possible requests, i.e. GET, POST, PUT, DELETE, PATCH with or without credentials, on https://crossoriginrequests.onrender.com - Function of other websites, e.g. youtube.com or docs.google.com, should not be disrupted even when the extension is activated in their tabs. The source code of the anti-CORS extension is explained in https://marian-caikovski.medium.com/how-to-bypass-cors-and-csp-policies-and-enable-cross-origin-requests-in-a-browser-47fe269500fb The plain source code can be extracted from the extension or downloaded from https://github.com/marianc000/antiCors
CORS Unblock
Temporarily unblock CORS for development and testing purposes Unblock CORS (cautiously!) for Development & Testing Need to temporarily unblock CORS restrictions on a trusted website for development or testing? This extension allows you to do that with a "SINGLE CLICK", but be aware of the security implications. Unblocking is temporary and won't persist across page reloads. Use responsibly on trusted sites only! Simple one-click unblocking. Clear warnings about security risks and temporary nature of changes. Designed for developers and testers (use with caution on production websites). This extension is a valuable tool for developers and testers, but it's crucial to use it responsibly and understand the potential security risks. Completely free and NO ads! For JSON Validation and formatting visit: https://jsonvalidator.onrender.com
CORS Bypass : Access-Control-Allow-Origin
Easily add (Access-Control-Allow-Origin: *) rule to the response header globally. Easily Unblock CORS (Cross-Origin Resource Sharing) restrictions during development by enabling the Access-Control-Allow-Origin header. CORS Unblock allows developers to quickly toggle CORS rules in the browser, helping test APIs and front-end apps without running into cross-origin errors.
Allow CORS
Enable this extension to bypass CORS errors and make API calls from different domains seamlessly Tired of annoying CORS errors blocking your API requests? Allow CORS chrome extension is your ultimate fix. This powerful extension lets you bypass cross-origin restrictions instantly—no coding, no headaches. With just one click, unlock seamless API communication across different domains and keep your workflow smooth. Say goodbye to frustrating roadblocks and hello to hassle-free web development. One-Click Toggle – Enable or disable with a single click. Perfect for Developers – Ideal for API testing and debugging. Install the Extension – Add the Allow CORS extension to your browser. Enable It – Click on the extension icon and turn it on. Disable When Not Needed – Toggle off the extension when it’s no longer required. The restrictions imposed by CORS become a significant development challenge for testers and developers who need to make API calls between different domains. This extension offers an effective and quick solution which avoids both server modifications and workaround approaches. The tool improves development efficiency because programmers can maintain application development and testing activities free from security barriers. Who Can Benefit from This Extension? Frontend Developers utilize this extension for API testing that bypasses backend standards during development work. The QA engineers & testers benefit from a solution that helps debug requests that span across different domains. API Developers benefit from this solution because it streamlines their work of testing API connections.
