CORS Unblock

CORS Unblock

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

CORS Unblock promo image
What is CORS Unblock?

"CORS Unblock" is a Firefox extension offering control over XMLHttpRequest and fetch methods. It appends custom 'access-control-allow-origin' and 'access-control-allow-methods' headers to every browser request, resolving CORS (Cross Origin Resource Sharing) errors. Its features include toggling on/off from the toolbar, customizing allowed methods, and options to not overwrite server-filled headers. Supports WEBDAV methods.

By: Balvin
Rating: 3.61 (23)
Version: 0.3.8 (Last updated: 2024-02-11)
Creation date: 2019-01-22
Weekly download count: 360
Firefox on Android: No
Risk impact: High risk impact
Risk likelihood: Moderate risk likelihood
Manifest version: 2
  • storage
  • <all_urls>
  • webRequest
  • webRequestBlocking
  • declarativeNetRequest
  • contextMenus
Size: 211.30K
URLs: Website
Stats date:

Other platforms

CORS Unblock
CORS Unblock (v0.3.8)
4.18 (136) 216,096
Not available on Edge
Want to check extension ranking and stats more quickly for other Firefox add-ons? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Firefox Browser Add-ons.
Chrome-Stats extension

This extension provides control over XMLHttpRequest and fetch methods by providing custom "access-control-allow-origin" and "access-control-allow-methods" headers to every requests that the browser receives. A user can toggle the extension on and off from the toolbar button. To modify how these headers are altered, use the right-click context menu items. You can customize what method are allowed. The default option is to allow 'GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'PATCH' methods. You can also ask the extension not to overwrite these headers when the server already fills them.


Default values: Access-Control-Allow-Origin: request initiator or '' Access-Control-Allow-Methods: 'GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK' Access-Control-Allow-Methods: request initiator or '' Access-Control-Allow-Credentials: 'true' Access-Control-Expose-Headers: request initiator or '*'

To report bugs please use:

Change Log:

See more
User reviews
User reviews summary
These summaries are automatically generated weekly using AI based on recent user reviews. Firefox Browser Add-ons does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.
  • Works well for some users
  • Preferred by frontend developers
  • Includes enable/disable option
  • Does not work with certain versions of Firefox
  • Some sites function improperly when the add-on is enabled
  • Often becomes non-functional
Most mentioned
  • Usability with different versions of Firefox
  • Functional issues
  • Benefits to developers
View all user reviews
Risk impact

CORS Unblock is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this add-on. Review carefully before installing. We recommend that you only install CORS Unblock if you trust the publisher.

Risk likelihood

CORS Unblock is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this add-on.

Upgrade to see risk analysis details