Sending CORS Request with Curl

To make a CORS request using Curl, you need to pass an Origin HTTP header that specifies the origin of the request (domain, scheme, or port) other than the destination server address and, optionally, the required HTTP methods and response headers. To pass additional headers to Curl, use the -H command-line option, for example -H "Origin: [URL]" for the Origin header. In this Curl CORS Example, we send a request to the ReqBin echo URL and pass the Origin header with a subdomain to the server. Click Run to execute the Curl CORS request online and see the results.
Sending CORS Request with Curl Run
curl -H "Origin: https://example.reqbin.com" 
   https://reqbin.com/echo
Updated: Viewed: 56027 times

What is Curl?

Curl is a command-line tool that allows users to transfer data over the network. Curl supports over 25+ protocols, including HTTP, HTTPS, FTP, FTPS, and SFTP. Curl is used for testing APIs, uploading files, viewing server response content, and has built-in support for web forms, SSL, HTTP Cookies. Curl works on Linux, Mac, Windows.

What is CORS?

CORS (Cross-Origin Resource Sharing) is a security mechanism based on HTTP headers that provide secure communication between browsers and servers running on different origins. CORS allows a web page from one domain or Origin to access a resource with a different domain (a cross-domain request). CORS was implemented due to the limitations of the single-origin policy. The same-origin policy restricts resources to interact only with resources located in the same domain. CORS is a way for the server to check if the request is coming from an allowed origin and tell the browser not to block it.

Curl CORS Request Syntax

To send a CORS request using Curl use the following syntax:

Curl CORS Request Syntax
curl -H "Origin: [Origin]" [URL]

Curl CORS Request Example

An example of sending a CORS request to a ReqBin URL using Curl. To make CORS requests with Curl, you need to provide an Origin header for your requests:

Curl CORS Request Example
curl -H "Origin: https://example.reqbin.com" https://reqbin.com/echo

How to debug CORS requests using Curl?

The following are examples of debugging CORS requests using Curl:

Sending a regular CORS request

By sending a regular CORS request with the --verbose flag, the server response will include an Access-Control-Allow-Origin header that can be viewed and analyzed.

Curl CORS Regular Request Example
curl https://reqbin.com/echo
   -H "Origin: https://example.reqbin.com" 
   --verbose

Sending a "pre-flight" OPTIONS request

You can send a "pre-flight" OPTIONS request. If the pre-flight request is successful, the response will include the Access-Control-Allow-Origin, Access-Control-Allow-Methods, and Access-Control-Allow-Headers response headers that can be viewed and analyzed.

Curl CORS Preflight Request Example
curl https://reqbin.com/echo
   -H "Origin: https://example.reqbin.com"
   -H "Access-Control-Request-Method: POST"
   -H "Access-Control-Request-Headers: X-Requested-With"
   -X OPTIONS

See also

Generate Code Snippets for Curl CORS Request Example

Convert your Curl CORS Request request to the PHP, JavaScript/AJAX, Node.js, Curl/Bash, Python, Java, C#/.NET code snippets using the ReqBin code generator.