How do I bypass the CORS pre-flight request using extraHTTPHeaders in Playwright?


Disabling CORS Pre-flight Requests in Playwright

Yes, you can disable the CORS pre-flight request when using extraHTTPHeaders in Playwright. The CORS pre-flight request is a browser's additional HTTP request to check if the server allows cross-origin requests.

Code Example

Here's how you can disable CORS pre-flight requests using extraHTTPHeaders:

import { chromium } from 'playwright';

async function main() {
  const browser = await chromium.launch();
  const context = await browser.newContext({
    extraHTTPHeaders: {
      'Access-Control-Allow-Origin': '*',
  const page = await context.newPage();

  // Perform your actions on the page

  await browser.close();


In this example, we create a new context with extraHTTPHeaders set to include 'Access-Control-Allow-Origin': '*'. This allows any origin to access resources on our server without triggering a CORS pre-flight request.


Disabling CORS pre-flight requests should be used with caution and only in development or testing environments where security concerns are not critical. In production environments, it is recommended to properly configure your server's CORS settings instead of disabling pre-flight requests.

I hope this helps! If you have any further inquiries, feel free to ask.


Thank you!
Was this helpful?
Still have questions?

If you still have questions, please ask a question and I will try to answer it.

Related Discord Threads

Related Questions

AboutQuestionsDiscord ForumBrowser ExtensionTagsQA Jobs

Rayrun is a community for QA engineers. I am constantly looking for new ways to add value to people learning Playwright and other browser automation frameworks. If you have feedback, email luc@ray.run.