CORS Test Online — Debug Cross-Origin Issues | Send Web Request
Test CORS (Cross-Origin Resource Sharing) online. Send cross-origin requests from your browser and inspect the CORS headers in the response. Debug why your API blocks or allows requests from different origins.
What is CORS?
Browsers block cross-origin requests by default for security. When your frontend (e.g. app.example.com) calls an API (api.example.com), the browser sends a preflight OPTIONS request. The API must respond with specific headers (Access-Control-Allow-Origin, etc.) to permit the request. CORS testing helps you verify your API is configured correctly.
Testing CORS
Send Web Request lets you send requests from the browser to any origin. You'll see the preflight (OPTIONS) and the actual request. Inspect the response headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers. If they're missing or wrong, the browser will block the request.
Example CORS headers
A permissive CORS response might include:
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, AuthorizationUsing proxy mode
When testing an API that doesn't allow your origin, enable proxy mode. The request goes through our server, which adds appropriate headers. Use this to test the API behavior when CORS blocks direct access.
Test CORS
Open Send Web Request to test CORS. Send requests to your API and inspect the CORS headers in the response.
Try it now
Open Send Web Request to test APIs in your browser. No signup, no installation, no account required. Just send.
Open Send Web Request