Disclosure

Transparency about links, funding, accuracy, and your data — per FTC guidance.

corsverdict is free. Some outbound links — for example to API gateways, backend/hosting providers, or developer tools — may be affiliate links: if you sign up through them we may earn a commission at no extra cost to you. Paid links are marked rel="sponsored nofollow".

We only link to things that are genuinely useful, and a commission never changes what the checker reports. Every verdict follows the published methodology and the WHATWG Fetch/CORS rules it cites.

Informational, not a security audit. corsverdict resolves the CORS protocol statically from the headers you paste. It does not make a live request and therefore cannot account for server-side redirects, proxies/CDNs, non-standard browser behavior, or other security controls. It is not affiliated with the WHATWG, any browser vendor, or any hosting provider. Always confirm against your real server and your browser’s devtools Network tab before relying on a result.

Your privacy: this is a static, client-side tool. The origin, headers, and other values you paste are processed in your browser and are never uploaded — there is no backend and nothing is logged.