What is a CORS preflight request?
Non-simple requests trigger an OPTIONS preflight first. The server must return correct CORS headers for both OPTIONS and the actual request.
DevTools CORS Checker inspects Access-Control-Allow-Origin and related response headers for a URL via server proxy—to diagnose browser cross-origin blocks.
Check whether a URL returns correct CORS response headers and diagnose cross-origin access issues.
Frontend calls to third-party APIs often fail when CORS headers are missing. Enter an API URL to see relevant headers and guidance.
Non-simple requests trigger an OPTIONS preflight first. The server must return correct CORS headers for both OPTIONS and the actual request.
Fine for public read-only APIs. With cookies or sensitive data, specify exact origins—Allow-Credentials cannot be used with *.
The check uses a server route for the request; URLs are not kept as persistent history.
Yes. No registration required.
Convert between common formats: CSV/JSON, YAML/JSON, TOML/JSON, Markdown/HTML, timestamps, image Base64, text encodings, and number bases.
Format and beautify SQL, HTML, XML, and YAML, plus a regex debugger—all run locally in the browser, free with no sign-up.
Full JSON toolkit: format, validate, minify, convert to CSV/XML, diff, generate and validate Schema, JSONPath, and tree view—all processed locally in the browser.
Upload a logo, preview browser and Google search results, configure iOS/Android icons, and generate a complete favicon package in one click.