extension ExtPose

Moesif Origin & CORS Changer

CRX id


Description from extension meta

This plugin allows you to send cross-domain requests. You can also override Request Origin and CORS headers.

Image from store Moesif Origin & CORS Changer
Description from store This plugin allows you to send cross-domain requests directly from browser without receiving Cross Origin Errors. You can override the Request Origin header with this plugin and also have Access-Control-Allow-Origin set to *. Update: We received comments from Chromium team that the support for request preflight interception for CORB thus CORS is still to be finalized. At this point this extension should work for some scenarios but not all, we believe it is still most functional of all CORS extensions out there. We'll keep you updated. You can override: Request Headers: Origin Response Headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Allow-Credentials, Access-Control-Expose-Headers Guide on CORS: https://www.moesif.com/blog/technical/cors/Authoritative-Guide-to-CORS-Cross-Origin-Resource-Sharing-for-REST-APIs/ DISCLAIMER: This tool circumvents CORS security rules baked into every browser and is intended for testing your own website during development. Some production websites like Google Docs or Facebook may complain if they detect something that isn't expected. You can use the whitelist feature to only turn on for some domains. To avoid security issues, it is recommend to turn off after debugging. About Moesif: Moesif (https://www.moesif.com) enables API teams at UPS, Radar, Deloitte, and others to deeply understand customer API usage and ship better API products with user-centric API analytics and monitoring, which enables you to: - Understand customer API usage with user behavior analytics. - Debug issues quickly with high-cardinality API logs and metrics. - Get alerted of problems that impact customers. - Track API KPIs with custom dashboards. - Trigger behavioral emails that keep customers informed. - Detect and Block API threats and abuse including OWASP Top 10 API threats.

Latest reviews

  • (2021-10-11) m k: 非常方便,很好用,用这个插件不用搞其他各种配置,直接访问也不会跨域了
  • (2021-08-28) Faysal Shuvo: works like a charm for me!
  • (2021-07-24) wearey: Does not work with fetch
  • (2021-07-06) Andreas Basso: Very very useful to fix quickly the CORS issue !! Now i have my own proxy to bypass this issue but this app help me a lot, thanks !
  • (2021-06-25) Kristina Mason: I can't get this to work in Chrome, only Edge. I downloaded it in Chrome and it showed very briefly in my toolbar and then disappeared. I can see it in my list of Extensions and it's active, but I can't get to the actual app icon in the toolbar to turn it on or off. The icon showed up with a grey "off" on it, and then disappeared.
  • (2021-06-09) Aaron Wentzel: It doesn't work on latest macOS + Microsoft Edge
  • (2021-05-01) Greg Quinn: Works as intended, a great help for me when developing locally on my game SuperTrucks Offroad 2!
  • (2021-04-25) Will Pan: macOS 11.2.1 Chrome/90.0.4430.85 didn't work for me
  • (2021-04-24) NK Dreamer: It works I LOVE YOU <3
  • (2021-03-11) Nino Trnovský: this changed my life for good. the creator has big pp energy kudos to him. i wish 72 virgins upon the creator.
  • (2021-03-06) Ehsan Alimohammadi: Unfortunately, it doesn't work for me. I used chrome v89 and relaunch, clear cache. I think in new version of Chrome this plugin doesn't work. When I run chrome with --disable-web-security argument, CORS disabled actually but with this plugin I can't. Do you have any solution to solve problem?
  • (2021-03-05) José Carneiro: Doesn't allow configuration without submiting email.
  • (2021-02-21) moein_dev: add auto disable for youtube cause youtube blocks i from watching when yout extension is on
  • (2021-02-07) Filip 769: works
  • (2021-02-01) 朱东东: 挺好的,可以解决跨域问题
  • (2020-12-30) Kirill Kolchin: Does not work. Requires registration.
  • (2020-12-08) Johanna Liljecrantz: Dose not work at all, tried outer plugins that work for some things. This one dose not work at all...
  • (2020-11-07) Karl E: Doesn't seem to work at all.
  • (2020-10-14) Dawid Mrtn: Works
  • (2020-10-05) Jorge Romero: Refuses to accept my work email.. for some reason Gmail is not to their liking. Uninstalled
  • (2020-09-08) 강은진: It works for me. Good.
  • (2020-07-27) Ярослав Голобородько: in new chrome doesnt work
  • (2020-07-14) George Mansour: once installed most of google products started mis-behaving maps.google.com would load the html and not the site youtube would not play the video
  • (2020-06-28) Shang Sahadev: 不错,简单易用
  • (2020-06-26) Faris Adlan: nice i dont need setting cors permission again ahahha
  • (2020-04-11) Victor: It Doesnt work for me, still the same error: "Access to XMLHttpRequest at 'localhost:8080/api/users/login' from origin 'http://localhost:4200' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https."
  • (2020-03-20) Alex Grafov: Doesn't work at all...
  • (2020-03-18) Иван М: не работает. введите ваш емаил что бы получить 5 звёзд
  • (2020-03-10) LIANF JI: 非常好用
  • (2020-02-09) Cory RS: I'm not giving you my work email. But I'll use yours lol [email protected] worked for me
  • (2020-01-28) Nick Welsh: works, but I want to control which domains it will run on.
  • (2020-01-27) 땀땀이투기장: it works very well
  • (2020-01-24) Boris D. Teoharov: It adds headers as advertised but it has no UX to control them unless you provide an email of yours. It also does not accept gmail emails (Not only that this is intrusive but some of us do not have any other email than the Gmail one). My opinion on this extension is that it is not made to help you but rather to gather some of your personal data.
  • (2020-01-16) Martin Pedraza: life saver !! thanks !!
  • (2020-01-15) Evin Revello: This failed to work as expected with fonts.
  • (2020-01-10) Hua Trung: this extension is the only one helping with CORS i found on store, thank you. love it
  • (2020-01-08) Codeigniter Hocası: ı love it good job
  • (2019-12-30) John Pool: I had a problem with YouTube videos that did no longer play (black screens), and some other mysterious problems with web pages that failed to load (e.g. in Google Cloud Console). I discovered that Moesif Orign & CORS Changer 0.4.3 was the culprit, so I removed it again from Chrome.
  • (2019-12-05) Jordi Sabaté: Needs email to use advanced function
  • (2019-12-01) abhijeet dhumal: One of the best extension, works flawlessly.
  • (2019-11-14) Paul Lessing: Doesn't work, won't allow me to access advanced settings without me consenting to marketing emails
  • (2019-10-31) Polina Krol-Kovalova: Really helps to send ajax, if on the other side on server you do not have any firewall
  • (2019-10-29) Alexey Grigoriev: Does not work in version 78.0.3904.70. For advanced settings requires registration and does not accept personal e-mail
  • (2019-10-28) Calin Cosma: The extension was very useful, but after the latest update of Chrome, when the extension is active youtube videos don't play anymore (eternal loading) and when loading some websites the HTML/JS code is displayed instead of the website being shown. Chrome: Version 78.0.3904.70 (Official Build) (64-bit) OS: Mac OS Mojave 10.14.6 (18G103)
  • (2019-10-19) Yuping Zuo: Please give me a legitimate reason why a Chrome extension would like to get my work email address to "unlock" its features?
  • (2019-10-14) Botond Veress: It's a scam. Collects your email address when it shouldn't, to provide the core functionality. I wouldn't recommend it to anyone.
  • (2019-10-09) Sergey Dorovsky: Только это расширение сработало из всех, что пробовал.
  • (2019-09-26) André Borud: Didn't work when l trying to load a local development page which requested a script from another domain which fails with ...has been blocked by CORS policy... when switch on, reloaded and cache cleared.
  • (2019-09-19) Jagan G: Worked like a charm. Allowed me to fetch the S3 data from my Angular App, which was getting blocked.
  • (2019-08-12) Fer Tli: Only CORS changer that actually worked. Thank you.


200,000 history
3.8 (173 votes)
Last update / version
2020-11-12 / 0.4.7
Listing languages