You must fix the server, not the browser.
: If the preflight is successful, Chrome proceeds with the original GET or POST request. If the server doesn't provide the correct headers, Chrome blocks the response, and you see the infamous "CORS policy" error in your DevTools console. Why Chrome Blocks Your Requests
For other methods (PUT, DELETE, PATCH) or custom headers, Chrome first sends an request to check permissions. cors chrome
While it may be tempting to "disable" CORS, you should never do this in a production environment. Instead, use these professional strategies: 1. Server-Side Configuration (The Correct Way)
fetch('https://api.example.net/data', mode: 'cors', headers: 'Content-Type': 'application/json' You must fix the server, not the browser
: For "non-simple" requests (like those using PUT , DELETE , or custom headers), Chrome sends an OPTIONS request to the server first. This is called a preflight check.
chrome.exe --disable-web-security --user-data-dir="C:\temp\chrome-dev" Why Chrome Blocks Your Requests For other methods
Here's an example of a cross-origin request:
Here's an example of making a CORS request with fetch :