fcbmpcbjjphnaohicmhefjihollidgkp
Enable cross origin requests blocked by CORS or CSP. Disable CORS and CSP in selected hostnames, preserve security of other websites The extension enables cross origin requests with fetch() or XMLHttpRequest (XHR) objects that are blocked by CORS policy or violate the document’s Content Security Policy. It is an easiest way to solve CORS errors during development. Internally the extension bypasses Cross-Origin Resource Sharing (CORS) and Content Security Policy (CSP) by setting permissive Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Allow-Credentials and Content-Security-Policy response headers. User guide: Click the extension icon in the tab with the URL on which you want to enable cross-origin requests. CORS policy gets disabled in all the tabs with the same hostname. The tabs with web pages from other hosts are not affected. Any fetch() or XHR requests will succeed unless they are blocked by CSP. To disable CSP the pages have to be reloaded. Typical use case: You develop an enterprise web application whose functionality depends on already existing web services. The production environment has the same hostname as the web services, but the development environment is set up in your office and has a different hostname. The web services do not support the cross-origin requests. Thus, in the development environment HTTP requests to the essential web services are prevented by the CORS mechanism in the browser. You can imagine a solution based on a reverse proxy and the environment-dependent URLs for the REST services, or you can opt for the effortless solution not to do anything more than installing a browser extension. Not only CORS, but also CSP prevents cross-origin requests. A strict CSP is an increasingly common security requirement. As with CORS, you could set up different policies for the development and production environment, but it is easier to use an extension instead of configuring environment-specific application settings. How this extension is better than other extensions: - The extension is domain-specific. Cross-origin requests gets enabled, i.e. CORS and CSP get disabled, not globally in all browser tabs, but only in the tabs with the hostnames that you have selected by clicking on the extension icon. Thus, the extension does not compromise the security of all websites opened in your browser. - The extensions is open source and, thus, is safe. - The extension relaxes both CORS and CSP. - Cross origin requests with cookies are supported. The extension sets not an asterisk but the exact origin in the Access-Control-Allow-Origin header. - The extension does not disrupt function of any popular websites such as Youtube.com or Google Docs - The extension does not have any settings and does not need to be configured. - Besides the icon, the extension does not have any user interface. How to test a CORS extension There are two criteria: - Cross origin requests become possible. You can test all possible requests, i.e. GET, POST, PUT, DELETE, PATCH with or without credentials, on https://crossoriginrequests.onrender.com - Function of other websites, e.g. youtube.com or docs.google.com, should not be disrupted even when the extension is activated in their tabs. The source code of the anti-CORS extension is explained in https://marian-caikovski.medium.com/how-to-bypass-cors-and-csp-policies-and-enable-cross-origin-requests-in-a-browser-47fe269500fb The plain source code can be extracted from the extension or downloaded from https://github.com/marianc000/antiCors
CORS Unblocker
Temporarily bypass CORS restrictions to streamline development and testing workflows. CORS Unblocker: Effortless Cross-Origin Development and Testing Simplify API Testing and Web Development Take control of your development workflow with CORS Unblocker, the ultimate tool for bypassing Cross-Origin Resource Sharing (CORS) restrictions. Designed with developers and testers in mind, this extension streamlines the process of working with local and cross-origin APIs. Key Features Instant CORS Bypass Enable or disable CORS restrictions with a single click, removing barriers to seamless API and web application testing. No server-side changes required! Temporary and Secure CORS unblock settings are temporary and automatically reset when the browser closes, ensuring your browsing remains secure. Developer-Focused Design Tailored specifically for developers and testers, this tool simplifies debugging and accelerates workflows for local development and API integrations. Built-In Security Warning Receive clear, built-in warnings about potential security implications when disabling CORS, empowering you to make informed choices. Minimalist, User-Friendly Interface Enjoy a sleek, intuitive UI that makes toggling the CORS unblocker quick and hassle-free. Safe for Development Environments Perfect for debugging and testing without affecting live or production systems, keeping your projects secure. Plug-and-Play Functionality No setup required—just install, enable, and start using immediately. Universal Compatibility Works across all websites and API endpoints, offering a comprehensive solution for cross-origin issues. Why Choose CORS Unblocker? Whether you're a seasoned developer or just starting, CORS Unblocker is an essential tool for enhancing your productivity. Debug, test, and develop faster while keeping your projects secure and efficient. Download now and revolutionize your cross-origin development!
CORS Unblock
Web apps cross-origin access with precise domain control and simple permissions. CORS Unblock is a powerful browser extension that enhances web applications by enabling controlled cross-origin requests. It provides native-like networking capabilities while maintaining security through explicit permission controls. • Security-First Design - No user data collection - All operations performed locally in your browser - Explicit permission model for maximum security For Developers: CORS Unblock provides a straightforward API to request domain access permissions. Once user authorization is granted, your web application can make cross-origin requests without complex proxy servers or CORS configurations. For Users: The extension works automatically in the background. When a web application needs cross-origin access, you'll receive a clear permission request. You maintain full control over which domains can communicate with each other. Privacy & Security: We take your privacy seriously. CORS Unblock: - Collects no user data - Processes all operations locally - Requires explicit permission for each domain - Allows instant permission revocation This extension is perfect for developers building modern web applications and users who want to safely enable cross-origin capabilities while maintaining control over their browsing security. Contact: If you have any questions or suggestions, please join us at https://discord.gg/re3cFtxAjT
CORS Unblock
🚀 Easily unblock Cross-Origin Resource Sharing (CORS) restrictions with just one click! Are you tired of seeing CORS errors while accessing APIs, testing web applications, or debugging your projects? The CORS Unblock extension helps you bypass restrictive CORS policies by modifying HTTP response headers, allowing access to restricted resources. 🔹 What This Extension Does: ✅ Removes CORS restrictions on all websites ✅ Automatically adds the Access-Control-Allow-Origin: * header ✅ Works on APIs, JavaScript fetch requests, and browser requests ✅ One-click enable/disable functionality 🔹 Who is This For? Developers testing APIs and making cross-origin requests Web Designers embedding content from different origins Researchers analyzing cross-domain data Anyone frustrated with CORS errors in Chrome 🔹 How to Use: 1️⃣ Install the extension 2️⃣ Click the CORS Unblock icon in the toolbar 3️⃣ Toggle the extension ON/OFF as needed 4️⃣ Enjoy unrestricted access to APIs and websites This extension only modifies response headers, it does not compromise security. Some websites may still enforce strict CORS policies server-side. Disable the extension when not in use to prevent conflicts with other browsing activities. 💡 Need Support? If you have any issues or feature requests, feel free to leave a review!
CORS Control
控制浏览器CORS设置,方便调试跨域请求 CORS Toggle 是一个面向开发者的 Chrome 扩展,用于在开发调试阶段临时开启或关闭跨域(CORS)限制。只需一键,即可为响应添加 Access-Control-Allow-Origin: * 等常用 Header,快速绕过浏览器同源策略带来的调试阻碍。请勿用于生产环境。 ⸻ ✨ 功能特性 • 一键启用 / 关闭 CORS 处理(图标状态实时显示) • 注入常见 CORS 响应头(如:Access-Control-Allow-Origin: *) • 支持自定义允许的域名(可选) • 零数据采集、零网络上报 ⸻ 🧑💻 使用场景 • 前端联调第三方 API • 本地开发中遇到跨域限制 • 快速验证后端 CORS 配置是否影响请求 ⸻ 🔐 权限说明(为什么需要这些权限?) 扩展使用了以下权限,仅用于实现“响应头注入 / 修改”的技术功能,不会用于其他目的: • webRequest, webRequestBlocking: 拦截并修改响应头,添加 CORS 相关字段 • : 允许对所有请求生效(可在后续版本中提供域名白名单设置) • (如果使用了存储)storage: 保存你的开关状态或白名单配置 我们不读取页面内容,不跟踪你的访问行为。 ⸻ 🔒 隐私政策 • 我们不收集、不存储、不共享任何用户个人数据或浏览记录。
