Using Fiddler to force a web service to support CORS for debugging

There is already nice article about Using Fiddler to force a web service to support CORS for debugging. However, it was written in 2013 and I am going here to little bit update the code for Fiddler v4.5.1.0.

So, you need to add:

public static RulesOption("Force CORS")
BindPref("fiddlerscript.rules.m_ForceCORS")
var m_ForceCORS: boolean = false;

just at the beginning of class Handlers.

In function static function OnBeforeResponse(oSession: Session) { add:

if (m_ForceCORS && (oSession.oRequest.headers.HTTPMethod == "OPTIONS" || oSession.oRequest.headers.Exists("Origin")))
{                                
    if(!oSession.oResponse.headers.Exists("Access-Control-Allow-Origin"))
    {
        oSession.oResponse.headers.Add("Access-Control-Allow-Origin", "*");
    }

    if(!oSession.oResponse.headers.Exists("Access-Control-Allow-Methods"))
    {
        oSession.oResponse.headers.Add("Access-Control-Allow-Methods", "POST, GET, OPTIONS");
    }

    if (oSession.oRequest.headers.Exists("Access-Control-Request-Headers"))
    {
        if (!oSession.oResponse.headers.Exists("Access-Control-Allow-Headers"))
            oSession.oResponse.headers.Add(
                "Access-Control-Allow-Headers"
                , oSession.oRequest.headers["Access-Control-Request-Headers"]
                );
    }

    if (!oSession.oResponse.headers.Exists("Access-Control-Max-Age"))
    {
        oSession.oResponse.headers.Add("Access-Control-Max-Age", "1728000");
    }

    if (!oSession.oResponse.headers.Exists("Access-Control-Allow-Credentials"))
    {
        oSession.oResponse.headers.Add("Access-Control-Allow-Credentials", "true");
    }

    oSession.responseCode = 200;
}

After that save changes and you should see Force CORS option in the Fiddler menu.