Use this little website to test if a URL is setup correctly to work with CORS.
Shareable link: https://cors-test.codehappy.dev/?url=https%3A%2F%2Fplanet.openstreetmap.org%2Freplication%2Fchangesets%2Fstate.yaml
These are the response headers received when making the request.
accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3600
cf-cache-status: DYNAMIC
content-length: 69
content-type: binary/octet-stream
date: Fri, 06 Feb 2026 23:39:07 GMT
etag: "0a2804a4da267ecc0aa47105f26c1551"
last-modified: Fri, 06 Feb 2026 23:38:47 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2: 1iwfPv5XA61TSvCQOcbiqCRlwm53AsBiWubwRpIUyCB6d42dCZ4VEROx59ZD2iW82RmbvsLvMrD0dX6u6BWoJw2SmcqJzpdS
x-amz-replication-status: COMPLETED
x-amz-request-id: 3JXSJGMWHW1AK4R0
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: kyOfXkHsJpHyFtazOXf69VBYOQLXF7tn
CORS tester was built by @mscccc. The code is available on GitHub. Sponsored by HTML/CSS to Image.