Sick of CORS errors? Prefix your URL, add one header, and call any API from the browser — fast, secure, and serverless.
Free tier included · No credit card to start
Built for the developer who doesn't want to run a server just to dodge a CORS error.
Your API key is public by design — the Origin header, which the browser sets and page scripts cannot forge, is the real auth. live_ keys are pinned to your domains; test_ keys work anywhere.
Runs on Cloudflare Workers in 300+ cities. Auth resolves from KV in ~6ms on the hot path, close to your users.
Responses stream through byte-for-byte with flat memory — large payloads and chunked transfers just work.
Prefix your URL and add one header. No SDK, no backend, no build step. Works with fetch, axios, anything.
Per-key allowed origins and upstream targets, generous quotas, and rotation keep a leaked key from costing you.
500,000 requests and 500 GB of bandwidth on Pro. Scale to millions on Team — no per-hour throttling.
Spin up a project in the console and pin it to your origins. You get a live and a test key instantly.
Prefix your request URL with proxy.cors.sh/ and send your key in the x-cors-api-key header.
Your frontend talks to any API, CORS errors gone. Watch requests and bandwidth in the console.
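The three steps above as a client-side wrapper. This is an added example, not code from cors.sh. It applies the URL prefix and key header, and keeps test_ keys (which work from any origin) out of deployed pages.
Assumptions: the https:// scheme on the prefix, the ALLOWED_UPSTREAMS list, the function names, the https-only and localhost-only policies, and the sample hosts are all constructed for illustration.

```javascript
// Added example; identifiers below are hypothetical, not part of any cors.sh SDK.
const PROXY_PREFIX = "https://proxy.cors.sh/"; // host is from the page; https:// is assumed
// Constructed list: a client-side mirror of the upstream targets pinned to the key.
const ALLOWED_UPSTREAMS = new Set(["api.example.com"]);

function buildProxiedRequest(targetUrl, apiKey, pageHostname, init = {}) {
  const target = new URL(targetUrl); // throws on malformed input
  // Policy of this example: only https upstreams on the pinned list.
  if (target.protocol !== "https:") throw new Error("upstream must be https");
  if (!ALLOWED_UPSTREAMS.has(target.hostname)) {
    throw new Error(`upstream not allowed: ${target.hostname}`);
  }
  // test_ keys are not origin-pinned, so refuse them outside local development.
  const isLocal = pageHostname === "localhost" || pageHostname === "127.0.0.1";
  if (apiKey.startsWith("test_")) {
    if (!isLocal) throw new Error("test_ key used outside local development");
  } else if (!apiKey.startsWith("live_")) {
    throw new Error("unrecognised key prefix");
  }
  // Lower-case caller headers so exactly one x-cors-api-key header is sent.
  const headers = {};
  for (const [name, value] of Object.entries(init.headers || {})) {
    headers[name.toLowerCase()] = value;
  }
  headers["x-cors-api-key"] = apiKey;
  return { url: PROXY_PREFIX + target.href, init: { ...init, headers } };
}

// Browser entry point: the page's own hostname decides which key type is acceptable.
async function proxiedFetch(targetUrl, apiKey, init) {
  const req = buildProxiedRequest(targetUrl, apiKey, window.location.hostname, init);
  return fetch(req.url, req.init);
}
```

The client-side checks only catch mistakes early; the per-key origin and upstream pinning on the proxy remains the actual control.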
Create a project, grab your key, and make your first proxied request in the next sixty seconds.