Quickly inspect headers from any API

A simple Cloudflare worker to query headers of remote urls from client.

This is useful to check for CORS headers, x-frame-options, etc. before embedding a website in an iframe or using it in a website. Doing this prevents unnecessary errors in the console.

Sample usage:

https://header-inspector.r2cache.com/?apiurl=https://example.com&headers=*

{
  "url": "https://example.com",
  "origin": "https://example.com",
  "method": "HEAD",
  "headers": {
    "age": "387750",
    "cache-control": "max-age=604800",
    "cf-cache-status": "DYNAMIC",
    "cf-ray": "8b925cbd75046fb4-CDG",
    "connection": "keep-alive",
    "content-type": "text/html; charset=UTF-8",
    "date": "Mon, 26 Aug 2024 08:13:23 GMT",
    "expires": "Mon, 02 Sep 2024 08:13:23 GMT",
    "last-modified": "Thu, 17 Oct 2019 07:18:26 GMT",
    "server": "cloudflare",
    "x-cache": "HIT"
  }
}

?apiurl=https://example.com&headers=etag,content-type

?apiurl=https://example.com&headers=x-frame-options,access-control-allow-origin

CORS headers would be set to * in the response, so it can be used in websites to check CORS for other websites.

Related

Check for x-frame-options before displaying in iframe: https://stackoverflow.com/questions/15273042/catch-error-if-iframe-src-fails-to-load-error-refused-to-display-http

Worker Code on Github Gist -