← Back to Discord Forum

Is it possible to disable the CORS pre-flight request when using extraHTTPHeaders?

FYI - I'm passing in an authentication header value for Playwright to access a private system. Unfortuneately without the auth header value, the ORIGIN pre-flight fails with a 403. So I'd rather skip it and just do a normal GET request with the auth header value.

This thread is trying to answer question "Is it possible to disable the CORS pre-flight request when using extraHTTPHeaders?"

0 replies


Disabling CORS Pre-flight Requests in Playwright

Yes, you can disable the CORS pre-flight request when using extraHTTPHeaders in Playwright. The CORS pre-flight request is a browser's additional HTTP request to check if the server allows cross-origin requests.

Code Example

Here's how you can disable CORS pre-flight requests using extraHTTPHeaders:

import { chromium } from 'playwright';

async function main() {
  const browser = await chromium.launch();
  const context = await browser.newContext({
    extraHTTPHeaders: {
      'Access-Control-Allow-Origin': '*',
  const page = await context.newPage();

  // Perform your actions on the page

  await browser.close();


In this example, we create a new context with extraHTTPHeaders set to include 'Access-Control-Allow-Origin': '*'. This allows any origin to access resources on our server without triggering a CORS pre-flight request.


Disabling CORS pre-flight requests should be used with caution and only in development or testing environments where security concerns are not critical. In production environments, it is recommended to properly configure your server's CORS settings instead of disabling pre-flight requests.

I hope this helps! If you have any further inquiries, feel free to ask.

Related Discord Threads

AboutQuestionsDiscord ForumBrowser ExtensionTagsQA Jobs

Rayrun is a community for QA engineers. I am constantly looking for new ways to add value to people learning Playwright and other browser automation frameworks. If you have feedback, email luc@ray.run.