| Advertisement |
Support Development
PayPal ● ●
Bitcoin Address: 1sM2BrTH8BRgt3quiASK8TmYSafutNvDo ![]()
Dogecoin Address: DFdSGpGMZ2EZVkjyqNrYCEysK92DFPonx4 ![]()
| Advertisement |
What is the "Access-Control-Allow-Origin - Unblock" add-on and how can I use it?
This extension is a simple tool for developers to unblock CORS error when the server does not explicitly allow it. By default, if there is no "access-control-allow-origin" header in the response request, the browser does not allow XMLHttpRequest method for the fetch method from accessing the resource. When this extension is enabled, each web request will be appended with "access-control-allow-origin: *" header. This way you can perform the XMLHttpRequest method without getting any error. If this header is not provided you will get:
Access to XMLHttpRequest at *** from origin *** has been blocked by CORS policy: Method *** is not allowed by Access-Control-Allow-Methods in preflight response.
while doing a XMLHttpRequest or fetch request. Note that this extension is disabled by default. You will need to enable it if you need to bypass this CORS error while developing. It is not recommended to keep the addon enabled all the times for two reasons: 1. When the extension is enabled, all web requests are being monitored and each one is appended with these two headers. 2. it is not safe to allow unwanted JS script from having access to all resources when they are not explicitly allowed. Note that when the extension is disabled, there is no observer for your network, hence the extension does not use any resource at all
recommended "Gmail™ Notifier (Developer Edition)" extension for Chrome, Firefox, and Edge browsers
A browser extension to get notified (desktop notification and sound alarm) of unread emails on one or more search queries. This extension supports multiple accounts and does not require credentials to operate. Read more here.
What's new in this version?
Please check the Logs section.
What happens if a web request already has either "access-control-allow-origin" or "access-control-allow-methods" headers?
It depends on your settings. By default, the extension overwrites both of these headers. If you want to keep the original values, use the right-click context menu to disable overwriting when the headers exist. You can disable overwriting for each of these headers separately
How can I know if the extension is enabled?
When the extension is enabled, the toolbar button is colorful and if your mouse is placed over the toolbar button, you will get the status in the tooltip area.
I like to keep this extension enabled all the time, but it conflicts with some websites like "aliexpress.com". Any way to limit it to certain hostnames?
The extension does not offer this feature. However, if you are on a Chromium browser, right-click on the action button and select "This can Read and Change Site Date" and limit the extension access to the hostnames that you need.
Please keep reviews clean, avoid the use of improper language and do not post any personal information.
| Permission | Description |
|---|---|
| storage | to save user preferences like enable or disable status after browser restart |
| <all_urls> | to be able to monitor and alter all web requests when the extension is enabled |
| webRequest | to be able to add network observer |
| webRequestBlocking | to be able to append custom headers to each web request when enabled |
| contextMenus | to add options to the right-click context menu item over the toolbar button |
