What is CORS Unblock?
Add-on stats
Ranking
Add-on summary
This extension bypasses the "XMLHttpRequest" and "fetch" rejections by altering the "Access-Control-Allow-Origin" and "Access-Control-Allow-Methods" headers for every request that the browser receives. You can activate the extension by pressing the action button. Also, use the right-click context menu over the action button to modify which headers the extension manipulates. You can also ask the extension not to overwrite these headers when the server returns values for them.
The default values for the headers:
Access-Control-Allow-Origin: request initiator or empty Access-Control-Allow-Methods": GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK Access-Control-Allow-Methods: request initiator or empty Access-Control-Allow-Credentials: true Access-Control-Expose-Headers: request initiator or *
Additional Features:
It can remove the following CSP-related headers: "Content-Security-Policy", "Content-Security-Policy-Report-Only", "X-WebKit-CSP" and "X-Content-Security-Policy".
It can overwrite the returned 4xx status code from the server. Use this feature when a server does not support a method, but you want to pretend it does.
User reviews
- Easy to use
- Effective
- Works fine
- Savior for development work
- Does not work with local file:// javascript
- Easy to use
- Effective
- Does not work with local file:// javascript
Recent reviews
Add-on safety
Risk impact
CORS Unblock is very risky to use and it requires a lot of sensitive permissions. Avoid installing this add-on unless you absolutely trust this publisher.
Risk likelihood
CORS Unblock is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this add-on.