CORS Tester

Online CORS tester for cross-origin request checks, response header analysis, preflight diagnostics, and server config generation

This tool sends requests directly from your browser to the target URL to inspect CORS policy and response headers.

CORS Request Test

Target URL

HTTP Method

Custom Headers (Optional)

Result

Enter URL and click "Test CORS" to start.

CORS Config Generator

Allowed Origins

Allowed Methods

Allowed Headers

Exposed Headers (Optional)

Allow Credentials

Preflight Cache (seconds)

Config Snippet

const http = require('http')

http.createServer((req, res) => {
  res.setHeader('Access-Control-Allow-Origin', 'https://example.com')
  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
  res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization')
  
  
  res.setHeader('Access-Control-Max-Age', '3600')

  if (req.method === 'OPTIONS') {
    res.writeHead(204)
    res.end()
    return
  }

  res.writeHead(200)
  res.end('OK')
}).listen(3000)

Documentation

What is CORS Tester

This tool checks cross-origin behavior of target endpoints, supporting custom methods, headers, body payloads, and diagnostic output.

Key Features

Test CORS with multiple HTTP methods.
Customize request headers and body.
Inspect returned CORS response headers.
Provide diagnostics and reference config code.

Steps

Enter target URL and request settings.
Run test and review status result.
Inspect CORS headers and diagnostics.
Adjust server-side CORS rules accordingly.

FAQ

Why can request succeed but CORS still fail?

Reachability does not imply CORS permission. Access-Control-Allow-* values must match origin, method, and headers.

What usually causes preflight failure?

Missing allowed headers/methods, or incorrect handling of OPTIONS requests on the server.

CORS Request Test

Result

CORS Config Generator

Config Snippet

Related Tools

CORS Config Generator

API Contract Tester

Cookie Editor

CSR Generator & Viewer

WebSocket Online Tester

Computer System Check

CSP Policy Generator

Cloudflare Network Speed Test

Documentation

What is CORS Tester

Key Features

Steps

FAQ

Why can request succeed but CORS still fail?

What usually causes preflight failure?