Use this little website to test if a URL is setup correctly to work with CORS.
Shareable link: https://cors-test.codehappy.dev/?method=get&origin=https%3A%2F%2Fcors-test.codehappy.dev%2F&url=https%3A%2F%2Fplanet.osm.org%2Freplication%2Fchangesets%2F005%2F911%2F899.osm.gz
These are the response headers received when making the request.
accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 97fdd5b6f78cb407-YYZ
connection: keep-alive
content-length: 6265
content-type: application/vnd.openstreetmap.data+xml
date: Tue, 16 Sep 2025 05:06:30 GMT
etag: "5f191936a3d18e257b0881cb07d42c81"
last-modified: Thu, 07 Mar 2024 10:25:08 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2: B3CZKzKX0lciauipWZH8vElpXheEhOt0tkwMQEHRrjJaWc1vNBuWtbbIHF3xU7UnWxUBKq4r+JI=
x-amz-replication-status: COMPLETED
x-amz-request-id: 2BQ33CTYHVNF8WWY
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: J_cU7dgcpciuychpj90It0cnAKNWU.Cv
CORS tester was built by @mscccc. The code is available on GitHub. Sponsored by HTML/CSS to Image.