CORS Checker
Test CORS configuration for any API endpoint. Sends a real preflight request and shows which origins, methods, and headers are allowed.
Presets:
One Name: Value pair per line. Forwarded with both the preflight and actual request.
Common Use Cases
- Third-party API integration checkBefore integrating a public API into a frontend app, use the CORS checker to confirm it allows your origin and the HTTP methods you need.
- Backend configuration debuggingIf your frontend is receiving CORS errors, enter your API endpoint to see exactly which origins, methods, and headers your server allows versus what the browser is requesting.
- Wildcard origin auditCheck whether an internal API is accidentally returning Access-Control-Allow-Origin: * and exposing it to requests from any website.
Pro plan — coming soon
Save your history, create reusable presets, and share outputs with a link. One plan, all tools.
See what's planned →Frequently Asked Questions
Related Tools
API Request Builder
Build and send HTTP requests from your browser. Set method, headers, and body, then see the full response with status, headers, and body. Server-side proxy avoids CORS restrictions.
Redirect Checker
Follow HTTP redirect chains for any URL. See every hop with status code, Location header, and timing. Debug redirect loops, broken chains, and final destinations.
HTTP Header Analyzer
Paste raw HTTP response headers and check for missing or misconfigured security headers: CSP, HSTS, X-Frame-Options, and more.