extension ExtPose

CORS Unblock

CRX id


Description from extension meta

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

Image from store CORS Unblock
Description from store This extension provides control over XMLHttpRequest and fetch methods by providing custom "access-control-allow-origin" and "access-control-allow-methods" headers to every requests that the browser receives. A user can toggle the extension on and off from the toolbar button. To modify how these headers are altered, use the right-click context menu items. You can customize what method are allowed. The default option is to allow 'GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'PATCH' methods. You can also ask the extension not to overwrite these headers when the server already fills them. This extension also fixes CORS policies of redirected URLs. Default values: Access-Control-Allow-Origin: request initiator or '*' Access-Control-Allow-Methods: 'GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK' Access-Control-Allow-Methods: request initiator or '*' Access-Control-Allow-Credentials: 'true' Access-Control-Expose-Headers: request initiator or '*' To report bugs please use: https://github.com/balvin-perrie/Access-Control-Allow-Origin---Unblock Change Log: 0.1.7: 1. Supports WEBDAV methods

Latest reviews

  • (2021-04-12) Sasha Pyrozhok: Please note in documentation and extensions store that this extension break Google Hangoutes and can cause other issues with Slack e.t.c! So it should be disabled before calls. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  • (2021-04-12) David Klempfner: Doesn't work. I'm using Version 89.0.4389.114 (Official Build) (64-bit).
  • (2021-04-03) Vladimir: Helped to bypass CORS error in Chrome: Cross-Origin Resource Sharing error: MissingAllowOriginHeader
  • (2021-03-19) Wagner oliveira rodrigues: Muito bom!!! Testei diversos apenas esse me atendeu Parabéns
  • (2021-03-17) Carlos de la Orden: Be careful this breaks other apps, like Hangouts inside Gmail. It is supposed to unblock, not to block content. Not recommended, but if you really need to use it for development purposes, enable it only after clicking on it on specific websites. Your general web surfing will be affected otherwise.
  • (2021-03-17) Blake La Pierre: Doesn't seem to work for iframes from different domains (codepen.io cdpn.io)
  • (2021-03-14) FreebooterFox: Fixes an issue with reddit videos not playing. Breaks functionality practically anywhere else. I have mixed feelings about what seems to be a requirement to now actively manage functionality of a browser and/or website that should function well enough on its own, but it is what it is, and that's not the fault of the developer of this extension.
  • (2021-03-01) Felipe Az: Show perfeito
  • (2021-01-20) Andrew Pilipczuk: Breaks drive.google.com for me if enabled for all sites.
  • (2021-01-01) Stephen: Works very well and very well thought, by default it's disabled for security reasons but it can be enabled on a site-by-site basis by just clicking the icon, perfect for local javascript development! Also worth mentioning the plugin is opensource and also available on Firefox and Microsoft Edge in addition to Google Chrome. Kudos to the developers for such an easy and well working plugin!
  • (2020-12-16) Ilton Andrew: Brabo
  • (2020-12-13) Dan Rotaru: Add whitelist site, sites where extension will dont work
  • (2020-12-12) Eoin Ó Raghallaigh: Didn't work. Simple as that.
  • (2020-12-08) Tatsuya Amagai: This does not work for local html & local file. Sample html is below: --- <html> <body> <script type="text/javascript" src="https://mozilla.github.io/pdf.js/build/pdf.js"></script> <script type="text/javascript" src="https://mozilla.github.io/pdf.js/build/pdf.worker.js"></script> <script type="text/javascript"> var url = "file:///Users/amagaiwork/Desktop/sample.pdf"; var pages = [], heights = [], width = 0, height = 0, currentPage = 1; var scale = 1.5; function draw() { var canvas = document.createElement('canvas'), ctx = canvas.getContext('2d'); canvas.width = width; canvas.height = height; for(var i = 0; i < pages.length; i++) ctx.putImageData(pages[i], 0, heights[i]); document.body.appendChild(canvas); } pdfjsLib.disableWorker = true; // due to CORS const loadingTask = pdfjsLib.getDocument(url); loadingTask.promise.then(function (pdf) { getPage(); function getPage() { pdf.getPage(currentPage).then(function(page) { console.log("Printing " + currentPage); var viewport = page.getViewport(scale); var canvas = document.createElement('canvas') , ctx = canvas.getContext('2d'); var renderContext = { canvasContext: ctx, viewport: viewport }; canvas.height = viewport.height; canvas.width = viewport.width; page.render(renderContext).then(function() { pages.push(ctx.getImageData(0, 0, canvas.width, canvas.height)); heights.push(height); height += canvas.height; if (width < canvas.width) width = canvas.width; if (currentPage < pdf.numPages) { currentPage++; getPage(); } else { draw(); } }); }); } }); </script> </body> </html>
  • (2020-11-28) Дмитрий Новиков: Like a charm! Thank you!
  • (2020-11-24) Vasya Pupkin: Works great!
  • (2020-11-22) Dan Rotaru: Работает идеально, ставлю 5 звёзд!
  • (2020-11-17) Vasya Pupkin: Does not work!
  • (2020-11-15) Eachawy ': It's working quite well
  • (2020-10-29) First Name Last Name: Gets the job done. A feature request would be HEAD requests, but I'm not sure if that's possible.
  • (2020-10-23) Martin Mecera: It works. Thanks!
  • (2020-10-01) Default Account: Nice Extension, works well.
  • (2020-09-16) Ivan Yurchenko: cool
  • (2020-09-03) Ashish Chauhan: Works for me!
  • (2020-09-02) Juan Camilo Aguillón: Me ha funcionado perfecto.
  • (2020-08-24) Dennis Gonzales: Does the job done.
  • (2020-08-05) John Bales: Simple Enough
  • (2020-08-04) Array Iterator: OK!! it work with cors, but your extension broke another site :|
  • (2020-08-04) eicto me: Not in this case "The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute" in this case (and, in fact it will work better everywhere), header should be origin of request.
  • (2020-07-28) Kenet brown: not working on my side
  • (2020-07-28) Vital Spark: As of today (28 July 2020), CORS Unblock seems to be breaking Youtube video playback. But it's easy enough to keep it disabled most of the time and enable it quickly if I'm doing a bit of AJAX testing.
  • (2020-07-08) Serega007: Не работает, пишет Uncaught DOMException: Blocked a frame with origin "https://ionmc.top" from accessing a cross-origin frame.
  • (2020-06-30) Stephen Adesina: Amazing, it solved the problem perfectly
  • (2020-04-15) Edgar Valerio Martinez: Me encanto
  • (2020-04-03) Дани́с Тазеев: It just works! Period
  • (2020-03-23) Matt Dickey: Only extension that works for me in chrome 80+. Thank you!
  • (2020-03-23) Рубчук Владимир: nice work
  • (2020-03-20) Tobey Unruh: Works perfectly as advertised. Got around that pesky CORS error even when launching HTM files from Windows Explorer (i.e. file:// protocol). Brilliant!
  • (2020-02-28) Michael Scheible: Works seamlessly
  • (2020-02-12) DangerD D: Doesn't work
  • (2020-01-27) Erhan Saydam: Does not run on Chrome 79.
  • (2020-01-06) Codeigniter Hocası: best solution
  • (2019-12-27) Amós Silas: Desbloqueia na hora. show !!!!
  • (2019-11-30) Serkan Akman: It works perfect in chrome 78. Thank you man
  • (2019-11-22) Subin Sebastian: Works like charm, Note: If you're a first time user, click on the extension icon, it should turn kinda orange color, indicating cors unblock activated. Only then it would work.
  • (2019-11-16) Francisco Prado: It works here. I'm using the most updated Chrome version, on Linux.
  • (2019-10-09) Nazar Paruna: It doesn't work!
  • (2019-09-25) Matthew Heisenberg: not working
  • (2019-09-20) Jamin: Works perfectly!


83,326 history
3.9 (55 votes)
Last update / version
2021-04-11 / 0.1.9
Listing languages