---
title: allowedDevOrigins
description: "Use `allowedDevOrigins` to configure additional origins that can request the dev server."
url: "https://nextjs.org/docs/15/app/api-reference/config/next-config-js/allowedDevOrigins"
version: 15.5.15
lastUpdated: 2025-06-16
prerequisites:
  - "Configuration: /docs/15/app/api-reference/config"
  - "next.config.js: /docs/15/app/api-reference/config/next-config-js"
---


Next.js does not automatically block cross-origin requests during development, but will block by default in a future major version of Next.js to prevent unauthorized requesting of internal assets/endpoints that are available in development mode.

To configure a Next.js application to allow requests from origins other than the hostname the server was initialized with (`localhost` by default) you can use the `allowedDevOrigins` config option.

`allowedDevOrigins` allows you to set additional origins that can be used in development mode. For example, to use `local-origin.dev` instead of only `localhost`, open `next.config.js` and add the `allowedDevOrigins` config:

```js filename="next.config.js"
module.exports = {
  allowedDevOrigins: ['local-origin.dev', '*.local-origin.dev'],
}
```
---

For an index of all available documentation, see [/docs/15/llms.txt](/docs/15/llms.txt)