Allow cross-domain requests by override Origin and CORS headers. Log/capture XmlHttpRequest API calls for debugging and analytics.
This plugin allows you to send cross-domain requests directly from browser without receiving Cross Origin Errors.
You can override the Request Origin header with this plugin and also have Access-Control-Allow-Origin set to *.
Update: We removed email list signup and added ability to log and capture API calls. Migrated from Chrome Manifest V2 to V3, due to the new V3 "storage" api, your old settings may need to be reentered.
You can override:
Request Headers: Origin
Response Headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Allow-Credentials, Access-Control-Expose-Headers
Guide on CORS:
https://www.moesif.com/blog/technical/cors/Authoritative-Guide-to-CORS-Cross-Origin-Resource-Sharing-for-REST-APIs/
API Logging & Capture:
You can capture any Ajax, XmlHttpRequest, or fetch API requests made by any page, and send to your Moesif account for analytics and debugging.
DISCLAIMER: This tool circumvents CORS security rules baked into every browser and is intended for testing your own website during development. Some production websites like Google Docs or Facebook may complain if they detect something that isn't expected. You can use the whitelist feature to only turn on for some domains. To avoid security issues, it is recommend to turn off after debugging.
About Moesif API Monetization and Observability:
Moesif (https://www.moesif.com) enables API teams at UPS, You.com, Deloitte, and others to deeply understand customer API usage and ship better API products with user-centric API analytics and monetization, which enables you to:
- Understand customer API usage with user behavior analytics.
- Debug issues quickly with high-cardinality API logs and metrics.
- Get alerted of problems that impact customers.
- Track API KPIs with custom dashboards.
- Meter API usage and set up billing meters with integrations with Stripe, Chargebee, and custom billing platforms.
By using this extension, you agree to Moesif's terms of use (https://www.moesif.com/terms) and privacy policy (https://www.moesif.com/pravicy).
Latest reviews
- (2024-06-03) Wayne Mao: The domain whitelist works well, but the plugin doesn't support web fonts. For web fonts, it needs Access-Control-Allow-Origin: * Store doesn't allow me to add a new review, so I edit the previous review to report a bug in recent release: The 'Allow-Control-Expose-Header' should return '*' by default, which is not returning empty Hope the dev team can take a look. The workaround is to manually set the value to '*'
- (2023-04-26) Nguyễn Huy Hùng: It worked, so great! Thank you
- (2023-02-16) Satish Patro: I don't see this in response header in dev tools, I did open advanced part & registered mail & saved it
- (2022-12-14) Ford D: Does not work without email. Does not accept gmail as email to unlock features. Uninstalled.
- (2022-12-13) Dmitry Maslov: Just not working out of box after switching it On
- (2022-04-28) Alexander Druzhinin: works for me
- (2022-03-29) Артем Садовщиков: требует рабочий email
- (2021-11-20) Snow zyk: great fix my problem on chrome site
- (2021-11-15) Garry Passarella: Doesn't work, and demands an email address to access advanced options.
- (2021-11-10) Alex: Ohne Einstellungen nicht wirklich nützlich.
- (2021-10-11) m k: 非常方便,很好用,用这个插件不用搞其他各种配置,直接访问也不会跨域了
- (2021-08-28) Faysal Shuvo: works like a charm for me!
- (2021-07-24) wearey: Does not work with fetch
- (2021-07-06) Andreas Basso: Very very useful to fix quickly the CORS issue !! Now i have my own proxy to bypass this issue but this app help me a lot, thanks !
- (2021-06-25) Kristina Mason: I can't get this to work in Chrome, only Edge. I downloaded it in Chrome and it showed very briefly in my toolbar and then disappeared. I can see it in my list of Extensions and it's active, but I can't get to the actual app icon in the toolbar to turn it on or off. The icon showed up with a grey "off" on it, and then disappeared.
- (2021-06-09) Aaron Wentzel: It doesn't work on latest macOS + Microsoft Edge
- (2021-05-01) Greg Quinn: Works as intended, a great help for me when developing locally on my game SuperTrucks Offroad 2!
- (2021-04-25) Will Pan: macOS 11.2.1 Chrome/90.0.4430.85 didn't work for me
- (2021-04-24) NK SleepyBani: It works I LOVE YOU <3
- (2021-03-11) Nino Trnovský: this changed my life for good. the creator has big pp energy kudos to him. i wish 72 virgins upon the creator.
- (2021-03-06) Ehsan Alimohammadi: Unfortunately, it doesn't work for me. I used chrome v89 and relaunch, clear cache. I think in new version of Chrome this plugin doesn't work. When I run chrome with --disable-web-security argument, CORS disabled actually but with this plugin I can't. Do you have any solution to solve problem?
- (2021-03-05) José Carneiro: Doesn't allow configuration without submiting email.
- (2021-02-21) moein_dev: add auto disable for youtube cause youtube blocks i from watching when yout extension is on
- (2021-02-07) Filip 769: works
- (2021-02-01) Dongdong Zhu: 挺好的,可以解决跨域问题
- (2020-12-30) Kirill Kolchin (spiilmusic): Does not work. Requires registration.
- (2020-12-08) Johanna Liljecrantz: Dose not work at all, tried outer plugins that work for some things. This one dose not work at all...
- (2020-11-07) Karl E: Doesn't seem to work at all.
- (2020-10-14) Dawid Mrtn: Works
- (2020-10-05) J Romero: Refuses to accept my work email.. for some reason Gmail is not to their liking. Uninstalled
- (2020-09-08) 강은진: It works for me. Good.
- (2020-07-27) Ярослав Голобородько: in new chrome doesnt work
- (2020-07-14) George Mansour: once installed most of google products started mis-behaving maps.google.com would load the html and not the site youtube would not play the video
- (2020-06-28) Shang Sahadev: 不错,简单易用
- (2020-06-26) Faris Adlan: nice i dont need setting cors permission again ahahha
- (2020-04-11) Victor: It Doesnt work for me, still the same error: "Access to XMLHttpRequest at 'localhost:8080/api/users/login' from origin 'http://localhost:4200' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https."
- (2020-03-20) Alex Grafov: Doesn't work at all...
- (2020-03-18) Иван М: не работает. введите ваш емаил что бы получить 5 звёзд
- (2020-03-10) LIANF JI: 非常好用
- (2020-02-09) Cory RS: I'm not giving you my work email. But I'll use yours lol [email protected] worked for me
- (2020-01-28) Nick Welsh: works, but I want to control which domains it will run on.
- (2020-01-27) 땀땀이투기장: it works very well
- (2020-01-24) Boris D. Teoharov: It adds headers as advertised but it has no UX to control them unless you provide an email of yours. It also does not accept gmail emails (Not only that this is intrusive but some of us do not have any other email than the Gmail one). My opinion on this extension is that it is not made to help you but rather to gather some of your personal data.
- (2020-01-16) Martin Pedraza: life saver !! thanks !!
- (2020-01-15) Evin Revello: This failed to work as expected with fonts.
- (2020-01-10) Hua Trung: this extension is the only one helping with CORS i found on store, thank you. love it
- (2020-01-08) Codeigniter Hocası: ı love it good job
- (2019-12-30) John Pool: I had a problem with YouTube videos that did no longer play (black screens), and some other mysterious problems with web pages that failed to load (e.g. in Google Cloud Console). I discovered that Moesif Orign & CORS Changer 0.4.3 was the culprit, so I removed it again from Chrome.
- (2019-12-05) Jordi Sabaté: Needs email to use advanced function
- (2019-12-01) abhijeet dhumal: One of the best extension, works flawlessly.