cors_test
ActiveTool of IA-QA — 130+ QA & Dev Tools for AI Agents
Test a URL for CORS misconfigurations. Sends preflight (OPTIONS) and cross-origin requests with various Origin headers to detect: wildcard origins with credentials, origin reflection (echoing any origin), null origin acceptance, subdomain wildcard bypass, and missing Vary headers. Returns risk level (safe/low/medium/high/critical), per-test results, and fix recommendations. Essential for API security audits.
Parameters schema
{
"type": "object",
"required": [
"url"
],
"properties": {
"url": {
"type": "string",
"description": "Full URL to test (e.g. https://api.example.com/endpoint)"
},
"origin": {
"type": "string",
"description": "Custom Origin header to test (default: tests multiple origins automatically)"
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
IA-QA — 130+ QA & Dev Tools for AI Agents
https://github.com/jcjamet/ia-qa
1/7 registries