Stable signalNo paid features detectedHigh-risk permissions
CORS Unblock icon

CORS Unblock

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

Users200KCurrent public install base
Rating4.1Store average score
Reviews175Public review volume
Manifest versionV3Extension platform version
7-day growth0Net users gained this week
7-day growth rate0%Relative weekly velocity
Preview

CORS Unblock Media preview

4 assets
Trend

User growth trend

Review user movement across collected snapshots.

User Growth Over Time

200K200K200K200K200K2026年7月13日2026年7月16日2026年7月19日Latest: 200K
Rating trend

7-day rating trend

View collected rating snapshots from the latest 7-day window to assess rating stability.

7-day rating change

Start
4.08
Latest
4.08
7-day rating change
0.00
3.984.034.084.134.182026年7月13日2026年7月16日2026年7月19日Latest: 4.08
2026年7月13日2026年7月19日
Growth overview

Daily, weekly, and monthly growth

Compare 1-day, 7-day, and 30-day net growth and growth rate.

1-day growthFlat
00%
7-day growthFlat
00%
30-day growthFlat
00%
Technical snapshot

Version, languages, and crawl freshness

Review publication date, version, supported languages, and crawl timestamps.

Version0.5.2
ManifestV3
Size198KiB
Languages1English
Published
Store updated
Last crawled
English
Overview

Product summary

Review the store description, core capabilities, and common use cases.

This extension bypasses the "XMLHttpRequest" and "fetch" rejections by altering the "Access-Control-Allow-Origin" and "Access-Control-Allow-Methods" headers for every request that the browser receives. You can activate the extension by pressing the action button. Also, use the right-click context menu over the action button to modify which headers the extension manipulates. You can also ask the extension not to overwrite these headers when the server returns values for them.

The default values for the headers:

Access-Control-Allow-Origin: request initiator or empty

Access-Control-Allow-Methods": GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK

Access-Control-Allow-Methods: request initiator or empty

Access-Control-Allow-Credentials: true

Reviews

Recent review snapshot

Inspect the latest comments and rating distribution.

Store average score4.1Chrome Web Store aggregate rating, including ratings without synced review text
Synced text average4.0Average computed only from synced review bodies below
Reviews with text131Synced review bodies
Total ratings / reviews175Chrome Web Store public rating/review count

Store average score: 4.1. The bars below are calculated from synced review text only, so they may be empty for extensions that have public ratings but no synced comments yet.

5
85
4
9
3
7
2
7
1
23
Cristian Enache2024年3月20日
3

It has a BIG BUG when "credentials": "includes" exists in fetch request. The extension puts wildcard * in Access-Control-Allow-Methods and this make CORS to block the request.

Version 0.3.8Language en
2 helpful · 0 not helpful
Ирина Комар2024年1月26日
5

Работает. Правда при создании api пришлось поменять значение withCredentials на false.

Version 0.3.7Language ru
2 helpful · 0 not helpful
Aleksei Lunin2024年1月24日
5

Works as expected

Version 0.3.7Language en
0 helpful · 1 not helpful
Mehrob Jamolov2024年1月22日
1

Никак не работает, бесполезная штука.

Version 0.3.7Language ru
6 helpful · 4 not helpful
Bryan Lee Wen Swen2024年1月21日
5

Does exactly what it says

Version 0.3.7Language en
1 helpful · 0 not helpful
Dat Nguyen2024年1月15日
5

works perfectly

Version 0.3.7Language en
Eugene Ledenev2024年1月9日
5

Awesome! Thank you!

Version 0.3.7Language en
___what2024年1月9日
5

does exactly what it does, a lot better than all the other CORS extensions!

Version 0.3.7Language en
Vigen Pouya (47Vigen)2023年12月30日
5

It was better than related extension!

Version 0.3.7Language en
Gaurav Kumar2023年12月23日
5

Worked for me using fetch

Version 0.3.7Language en