I’ve created a very simple extension for Firefox that adds the Cross Origin Resource Sharing (CORS)
Access-Control- HTTP headers to all responses before they’re processed by the browser. This essentially disables the browser’s same origin policy and allows cross domain calls even if the web server does not support CORS.
The default setting adds the following headers to every response:
Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST
This can be customized in the
forcecors.headers setting via
about:config, the values are separated by spaces (and yes, you may add arbitrary, cors-unrelated headers :).
The code is available on github, feel free to fork it.
And here’s the link to Mozilla’s “AMO”:
Oh, and a warning: Force CORS circumvents the browser’s same origin policy, so be careful (i.e. don’t use it if you don’t know what you’re doing).
There’s a problem with the Mozilla add-on site.