CORS Unblock - An Essential Edge Add-on for Debugging
Add-on stats
Ranking
Add-on summary
This extension bypasses the "XMLHttpRequest" and "fetch" rejections by altering the "Access-Control-Allow-Origin" and "Access-Control-Allow-Methods" headers for every request that the browser receives. You can activate the extension by pressing the action button. Also, use the right-click context menu over the action button to modify which headers the extension manipulates. You can also ask the extension not to overwrite these headers when the server returns values for them.
The default values for the headers:
Access-Control-Allow-Origin: request initiator or empty Access-Control-Allow-Methods": GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK Access-Control-Allow-Methods: request initiator or empty Access-Control-Allow-Credentials: true Access-Control-Expose-Headers: request initiator or *
Additional Features:
It can remove the following CSP-related headers: "Content-Security-Policy", "Content-Security-Policy-Report-Only", "X-WebKit-CSP" and "X-Content-Security-Policy".
It can overwrite the returned 4xx status code from the server. Use this feature when a server does not support a method, but you want to pretend it does.
User reviews
- Easy to use
- Effective
- Works fine
- Savior for development work
- Does not work with local file:// javascript
- Easy to use
- Effective
- Does not work with local file:// javascript
User reviews
Add-on safety
Risk impact
CORS Unblock requires a lot of sensitive permissions. Exercise caution before installing.
Risk likelihood
CORS Unblock has earned a fairly good reputation and likely can be trusted.