CORS Unblock

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

▶

CORS Unblock Chrome Extension: No More CORS Errors

CORS Unblock is a Chrome extension designed to ease browsing by bypassing CORS-related errors. The extension alters the 'Access-Control-Allow-Origin' and 'Access-Control-Allow-Methods' headers, ensuring seamless web requests. It includes additional features such as支 removing CSP-related headers, overwriting returned 4xx status code, and permitting cross-origin frame embedding among others. CORS Unblock is user-friendly with an option to modify headers according to your need.

Download

Extension stats

By: balvin.perrie

Users: 200,000+

Rating: 4.16

(162)

Version: 0.3.8 (Last updated: 2024-02-11)

Creation date: 2020-05-27

Risk impact: Very high risk impact

Risk likelihood:

Low risk likelihood

Manifest version: 2

Permissions:

storage
<all_urls>
webRequest
webRequestBlocking
declarativeNetRequest
contextMenus
debugger

Size: 207.87K

Email: ba*****@gmail.com

URLs: Privacy policy

Ranking

# 1,654 ▼ 3

Other rankings

#2724 in Developer Tools ▲ 4

#14 in unblock keyword 74 ▼ 3

#35 in policy keyword 8 ▲ 1

#104 in header keyword 58

#181 in request keyword 13 ▲ 2

Upgrade to see more rankings

Other platforms

Not available on Android

CORS Unblock (v0.3.8)

3.86

(28) 7,190+

CORS Unblock (v0.3.8)

4.30

(12) 53,838+

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

This extension bypasses the "XMLHttpRequest" and "fetch" rejections by altering the "Access-Control-Allow-Origin" and "Access-Control-Allow-Methods" headers for every request that the browser receives. You can activate the extension by pressing the action button. Also, use the right-click context menu over the action button to modify which headers the extension manipulates. You can also ask the extension not to overwrite these headers when the server returns values for them.

The default values for the headers:

Access-Control-Allow-Origin: request initiator or empty Access-Control-Allow-Methods": GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK Access-Control-Allow-Methods: request initiator or empty Access-Control-Allow-Credentials: true Access-Control-Expose-Headers: request initiator or *

Additional Features:

It can remove the following CSP-related headers: "Content-Security-Policy", "Content-Security-Policy-Report-Only", "X-WebKit-CSP" and "X-Content-Security-Policy".
It can overwrite the returned 4xx status code from the server. Use this feature when a server does not support a method, but you want to pretend it does.

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros