Use this little website to test if a URL is setup correctly to work with CORS.
Shareable link: https://cors-test.codehappy.dev/?method=get&origin=https%3A%2F%2Fwww.quizland.co.uk%2F&url=https%3A%2F%2Fwww.davejohnson.co.uk
This url can only be loaded by pages that match https://www.quizland.co.uk. If you're trying to load it from a different origin and it's not working, you'll need to change it so the access-control-allow-origin header is set to *.
These are the response headers received when making the request.
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.quizland.co.uk
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 9a693113f7931cd6-ORD
connection: keep-alive
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 30 Nov 2025 09:06:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 30 Nov 2025 09:06:58 GMT
panel: hpanel
platform: hostinger
pragma: no-cache
server: cloudflare
set-cookie: PHPSESSID=56pggfl7injg5na6kasosvlc3k; path=/; domain=.davejohnson.co.uk; secure
transfer-encoding: chunked
vary: Origin, accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1
CORS tester was built by @mscccc. The code is available on GitHub. Sponsored by HTML/CSS to Image.