Product
HTTP Interceptor

A Power HTTP Interceptor to Intercept, Record, Debug & Modify HTTP Requests

API Client

A lightweight and secure API Client for faster API Development & Testing

API Mocking

Build frontend faster without waiting for backend.

Solutions
Frontend Web/Mobile Developers

Requestly improves front-end workflows with local JS testing, mocking, and SessionBook debugging.

For QA engineers

QA engineers love Requestly for its features and ease of use, allowing easy edge case testing.

Support Engineer

Support engineers value Requestly for debugging, demoing, and overriding GTM and Adobe scripts.

Backend Developers

Requestly helps in improving back-end development workflows, by enabling testing.

Pricing
Resources
Pricing
Blog
Case Studies
Status
Github
Release Note
Student Programme
🎉 Requestly joins BrowserStack to build the future of application testing. Read more

HTTP Headers

Timing Allow Origin

HTTP Header

The HTTP Timing-Allow-Origin response header specifies which origins are permitted to access attribute values retrieved using features of the Resource Timing API. Without this header, such attributes would typically be reported as zero due to cross-origin restrictions.

Syntax

Timing-Allow-Origin: *
Timing-Allow-Origin: <origin>, <origin2>, <originN>

Directives

Any origin may see timing resources.

Specifies a URI that may see the timing resources. You can specify multiple origins, separated by commas.

Example

Using Timing-Allow-Origin

To enable any resource to access timing information, you can set the following header:

Timing-Allow-Origin: *

If you want only specific origins, such as https://developer.mozilla.org, to access timing resources, you can specify it like this:

Timing-Allow-Origin: https://developer.mozilla.org

How to Modify Header using Requestly

Requestly is a handy Chrome extension that lets you change HTTP headers, including the Timing-Allow-Origin header. Modifying this header is useful when you want to control which origins can view timing data on your website, helping with performance monitoring and debugging. Steps to Modify the Timing-Allow-Origin Header:

  1. Install and open the Requestly Chrome extension. You can find it on the Chrome Web Store.
  2. Create a new rule: Click on “Create Rule” and choose “Modify Headers” from the list of available rule types.
  3. Add a new header modification:
    • Under “Action”, select “Add” or “Override”.
    • In the “Header Name” field, enter Timing-Allow-Origin.
    • In the “Header Value” field, enter the origin(s) you want to allow (e.g., * to allow all).
  4. Set the URL condition: Specify the URL or pattern where this header change should apply (e.g., https://your-website.com/*).
  5. Save the rule.

This setup enables you to test how your site handles cross-origin timing data sharing, which is essential for optimizing performance and ensuring accurate analytics.