CORS Bypass : Access-Control-Allow-Origin

CORS Unblock

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled This extension bypasses the "XMLHttpRequest" and "fetch" rejections by altering the "Access-Control-Allow-Origin" and "Access-Control-Allow-Methods" headers for every request that the browser receives. You can activate the extension by pressing the action button. Also, use the right-click context menu over the action button to modify which headers the extension manipulates. You can also ask the extension not to overwrite these headers when the server returns values for them. The default values for the headers: Additional Features: 1. It can remove the following CSP-related headers: "Content-Security-Policy", "Content-Security-Policy-Report-Only", "X-WebKit-CSP" and "X-Content-Security-Policy". 2. It can overwrite the returned 4xx status code from the server. Use this feature when a server does not support a method, but you want to pretend it does. 4. It can permit cross-origin frame embedding (by removing the "X-Frame-Options" header) to simplify remote page embedding during local development. 5. It can include or exclude the "referer" and "origin" headers when a server is sensitive to them to work appropriately. 6. The extension optionally uses the "chrome.debugger" to overwrite 4xx status codes (in case a server does not support a method, you can use this feature to pretend the server accepts a response or supports an unsupported method). 7. The extension also optionally fixes CORS policies of redirected URLs. -- It is important to note that this extension fixes preflight requests to permit access to any custom header (when enabled). Links: 1. For reporting bugs, please use the link https://github.com/balvin-perrie/Access-Control-Allow-Origin---Unblock.

CORS Unblocker

Temporarily bypass CORS restrictions to streamline development and testing workflows. CORS Unblocker: Effortless Cross-Origin Development and Testing Simplify API Testing and Web Development Take control of your development workflow with CORS Unblocker, the ultimate tool for bypassing Cross-Origin Resource Sharing (CORS) restrictions. Designed with developers and testers in mind, this extension streamlines the process of working with local and cross-origin APIs. Key Features Instant CORS Bypass Enable or disable CORS restrictions with a single click, removing barriers to seamless API and web application testing. No server-side changes required! Temporary and Secure CORS unblock settings are temporary and automatically reset when the browser closes, ensuring your browsing remains secure. Developer-Focused Design Tailored specifically for developers and testers, this tool simplifies debugging and accelerates workflows for local development and API integrations. Built-In Security Warning Receive clear, built-in warnings about potential security implications when disabling CORS, empowering you to make informed choices. Minimalist, User-Friendly Interface Enjoy a sleek, intuitive UI that makes toggling the CORS unblocker quick and hassle-free. Safe for Development Environments Perfect for debugging and testing without affecting live or production systems, keeping your projects secure. Plug-and-Play Functionality No setup required—just install, enable, and start using immediately. Universal Compatibility Works across all websites and API endpoints, offering a comprehensive solution for cross-origin issues. Why Choose CORS Unblocker? Whether you're a seasoned developer or just starting, CORS Unblocker is an essential tool for enhancing your productivity. Debug, test, and develop faster while keeping your projects secure and efficient. Download now and revolutionize your cross-origin development!

Request Headers (including CORS) Modifier

Modifies request headers (including CORS) for development purposes! 👨🏻‍💻 This Extension is intended for developers and it modifies Request Headers, either through the extension’s main icon or via an exposed API. The API can be accessed from the console or sideloaded scripts (such as Tampermonkey), making it ideal for automated workflows. 💻 The API includes enable() and disable() methods for toggling header modifications directly from the global namespace. You can also add, remove and clear either hostnames or headers, and the passed data can be strings, arrays, objects (for the headers) or arrays of objects. Methods include addHostname, addHostnames, removeHostname, removeHostnames, clearHostnames, addHeader, addHeaders, removeHeader, removeHeaders, clearHeaders. All API methods return a Promise that resolves to a boolean indicating success (true) or failure (false). The extension exposes a global API object window.requestHeaderModifier that allows you to control its functionality programmatically from your browser's developer console, a website's script (if allowed by CSP), or user script managers like Tampermonkey. All API methods return a Promise that resolves to a boolean indicating success (true) or failure (false). 📖 enable window.requestHeaderModifier.enable(); // Enables the header modification functionality. This will apply the currently saved rules. Returns true on success 📖 disable window.requestHeaderModifier.disable(); // Disables the header modification functionality. This will clear all active rules. Returns true on success 📖 addHostname window.requestHeaderModifier.addHostname(hostname); // Adds a new hostname to the list of target hostnames. If the hostname already exists, no change is made. 🔤 Parameter: hostname (string): The hostname to add (e.g., "api.example.com"). 📖 addHostnames window.requestHeaderModifier.addHostnames(hostnames); // Adds multiple hostnames to the list of target hostnames. Duplicate hostnames will be ignored. 📖 removeHostname window.requestHeaderModifier.removeHostname(hostname); // Removes a specific hostname from the list of target hostnames. 🔤 Parameter: hostname (string): The hostname to remove. 📖 removeHostnames window.requestHeaderModifier.removeHostnames(hostnames); // Removes multiple hostnames from the list of target hostnames. Hostnames not found will be ignored. 📖 clearHostnames window.requestHeaderModifier.clearHostnames(); // Clears all hostnames from the list, effectively disabling header modification for all domains until new hostnames are added. 📖 addHeader window.requestHeaderModifier.addHeader(header); // Adds a new custom request header or updates an existing one if a header with the same name already exists. 🔤 Parameter: header (string | object): The header to add. String format: "Header-Name: Header-Value" (e.g., "X-Custom-Auth: mytoken123") Object format: { "headerName": "headerValue" } (e.g., { "X-Client-ID": "app-123" }) // Updating an existing header (will overwrite "MyValue" with "NewValue") await window.requestHeaderModifier.addHeader("X-My-Header: NewValue"); 📖 addHeaders window.requestHeaderModifier.addHeaders(headers); // Adds multiple request headers to the list. If headers with the same names exist, their values will be updated. // Mixing formats and updating existing await window.requestHeaderModifier.addHeaders([ "Cache-Control: no-cache", { "X-My-Header": "UpdatedValue" }, // This will update X-My-Header if it exists ]); // Returns true on success 📖 removeHeader window.requestHeaderModifier.removeHeader(header); // Removes a specific custom request header by its name. The value part of the input is ignored for removal. 🔤 Parameter: header (string | object): The header to remove. Only the header name is considered for removal. String format: "Header-Name: AnyValue" (e.g., "X-My-Header: ignored") Object format: { "headerName": "ignoredValue" } (e.g., { "Content-Type": "ignored" }) 📖 removeHeaders window.requestHeaderModifier.removeHeaders(headers); // Removes multiple request headers from the list. Only the header name is considered for removal. Headers not found will be ignored. 📖 clearHeaders window.requestHeaderModifier.clearHeaders(); // Clears all custom request headers from the list. 🥷 GitHub / Source - https://github.com/lvladikov/request-header-modifier-chrome-extension

CORS Unblock

🚀 Easily unblock Cross-Origin Resource Sharing (CORS) restrictions with just one click! Are you tired of seeing CORS errors while accessing APIs, testing web applications, or debugging your projects? The CORS Unblock extension helps you bypass restrictive CORS policies by modifying HTTP response headers, allowing access to restricted resources. 🔹 What This Extension Does: ✅ Removes CORS restrictions on all websites ✅ Automatically adds the Access-Control-Allow-Origin: * header ✅ Works on APIs, JavaScript fetch requests, and browser requests ✅ One-click enable/disable functionality 🔹 Who is This For? Developers testing APIs and making cross-origin requests Web Designers embedding content from different origins Researchers analyzing cross-domain data Anyone frustrated with CORS errors in Chrome 🔹 How to Use: 1️⃣ Install the extension 2️⃣ Click the CORS Unblock icon in the toolbar 3️⃣ Toggle the extension ON/OFF as needed 4️⃣ Enjoy unrestricted access to APIs and websites This extension only modifies response headers, it does not compromise security. Some websites may still enforce strict CORS policies server-side. Disable the extension when not in use to prevent conflicts with other browsing activities. 💡 Need Support? If you have any issues or feature requests, feel free to leave a review!