CORS Unblock

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

What is CORS Unblock?

CORS Unblock is a Chrome extension designed to ease browsing by bypassing CORS-related errors. The extension alters the 'Access-Control-Allow-Origin' and 'Access-Control-Allow-Methods' headers, ensuring seamless web requests. It includes additional features such as支 removing CSP-related headers, overwriting returned 4xx status code, and permitting cross-origin frame embedding among others. CORS Unblock is user-friendly with an option to modify headers according to your need.

Download

Stats

By: balvin.perrie

View on Chrome Web Store

Users: 200,000+

Rating: 4.18 (144)

Version: 0.3.8 (Last updated: 2024-02-11)

Creation date: 2020-05-27

Risk impact: Very high risk impact

Risk likelihood: Moderate risk likelihood

Manifest version: 2

Permissions:

storage
<all_urls>
webRequest
webRequestBlocking
declarativeNetRequest
contextMenus
debugger

Size: 207.87K

Email: ba*****@gmail.com

URLs: Website ,Privacy policy

Stats date:

Chrome-Stats Rank

# 1623 ▼ 18

Other rankings

#2435 in Developer Tools ▲ 6

#7 in unblock keyword 48 ▲ 4

#23 in policy keyword 11 ▼ 2

#91 in header keyword 44 ▼ 11

#94 in server keyword 49 ▲ 1

Upgrade to see more rankings

Other platforms

CORS Unblock (v0.3.8)

3.72 (25) 6,419+

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

This extension bypasses the "XMLHttpRequest" and "fetch" rejections by altering the "Access-Control-Allow-Origin" and "Access-Control-Allow-Methods" headers for every request that the browser receives. You can activate the extension by pressing the action button. Also, use the right-click context menu over the action button to modify which headers the extension manipulates. You can also ask the extension not to overwrite these headers when the server returns values for them.

The default values for the headers:

Access-Control-Allow-Origin: request initiator or empty Access-Control-Allow-Methods": GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK Access-Control-Allow-Methods: request initiator or empty Access-Control-Allow-Credentials: true Access-Control-Expose-Headers: request initiator or *

Additional Features:

It can remove the following CSP-related headers: "Content-Security-Policy", "Content-Security-Policy-Report-Only", "X-WebKit-CSP" and "X-Content-Security-Policy".
It can overwrite the returned 4xx status code from the server. Use this feature when a server does not support a method, but you want to pretend it does.

User reviews

User reviews summary

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

Works as expected
Allows parsing HTTP responses
Supports various configurations

Cons

Does not work with 'credentials': 'includes'
Does not work all the time
Can be frustrating when servers are not configured

Most mentioned

Works as expected
Does exactly what it says
Does not work all the time

Recent reviews

Dennis Tessari, 2024-04-12

Not working when CORS header is ignored b/c coming through a unsecure request (http). "The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead."

me notyou, 2024-04-08

not work

PNam, 2022-03-17

View all user reviews

Safety

Risk impact

CORS Unblock is very risky to use and it requires a lot of sensitive permissions. Avoid installing this extension unless you absolutely trust this publisher.