CORS Tester

Use this little website to test if a URL is setup correctly to work with CORS.




If your CORS setup is not using a wildcard then this should be a domain that matches your AllowedOrigins


What is CORS?

For security, browsers stop scripts from accessing URLs on different domains. This is done via CORS or Cross-Origin Resource Sharing. It is implemented by looking at the HTTP headers returned by a url. So if you are on google.com and try to access example.com/font.ttf, it will only be allowed if example.com returns a header allowing it. Learn more.

What does this site do?

This site will make a test request to the URL and check if it has valid CORS headers. If it does, you should be good to go when using it in a browser. This website is open source and available here.

Which HTTP method should I use?

If you're loading a script or font, you'll want GET. If you're sending an AJAX request to a URL, you probably want OPTIONS for checking the preflight request. The other options are there just incase you need them.

CORS tester was built by @mscccc. The code is available on GitHub. Sponsored by HTML/CSS to Image.