CORS Preflight Simulator

Simulate a browser CORS preflight without making any network requests.

Request

Target URL Origin Method Request headers (one per line) Include credentials (cookies, Authorization)

Preflight plan

Fill in URL and origin to see the simulated request.

Server response (paste raw headers)

About this tool

Given a target URL, request origin, method, custom request headers and credentials flag, compute exactly what OPTIONS preflight (if any) a browser would send. Paste the server's response headers and the tool verifies whether the actual cross-origin request would succeed — explaining every reason for failure (origin mismatch, method not allowed, missing header, credentials + wildcard, etc.).