CORS Tester

How CORS Works

• Access-Control-Allow-Origin: Specifies which origins can access (*, specific domain, or null)
• Access-Control-Allow-Methods: HTTP methods allowed (GET, POST, etc.)
• Access-Control-Allow-Headers: Custom headers allowed in requests
• Access-Control-Allow-Credentials: Whether cookies/auth headers are allowed
• Preflight Request: Browser sends OPTIONS request first for complex requests