Home
Cross-origin
Allow-cors-access-control-allow-

Allow CORS: Access-Control-Allow-Origin

3.4

242 Ratings

700.0K

Installs

Sep 04, 2023

Updated

Download

#Cross-Origin #Security #Web Security

What is Allow CORS: Access-Control-Allow-Origin

Allow CORS: Access-Control-Allow-Origin plugin allows easy addition of (Access-Control-Allow-Origin: *) rule to the response header, enabling cross-domain Ajax requests in web applications

It unblocks the CORS feature, which is blocked by default in modern browsers, and provides a toggle button for activation

Similar Web Traffic For https://mybrowseraddon.com/access-control-allow-origin.html

3.3M: Last Month's Visits
10.8M: Last 3 Month's Visits
--: Last 6 Month's Visits

Total Visitors

Visits Over Time

3.3M

Top Countries

Top 5 Countries

Traffic Sources

Marketing Mix

100%

3.4

242 Ratings

See all reviews

Didn't work. I installed it, then reloaded my local page (file://yadda yadda). CORS is still blocked. Tried the test page and I get: CORS is blocked for GET ✖ So either the extension doesn't work or it's too complicated to use. My steps: Install > Enable extension > Go to my page > Add to white list > Refresh and test > Go to test page ...so yeah, I'm giving up. If this thing is supposed to work then it needs better UX.

Yes this actually works fine (unlike some CORS extensions), however... IF YOU ARE THE DEVELOPER, DON'T YOU READ YOUR REVIEWS? Users are not realising they need to switch on the extension by clicking on the "C" logo. Therefore many think your product is broken, which is the reason for most of your 1 star reviews. Just add an obvious On/Off switch instead of using the logo.

Not works in the following case, header should be origin of request, if exists The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute --- seems dev fixed it. Thanks!