Cross-origin resource sharing (CORS)

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a “preflight” request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch() and XMLHttpRequest follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.

Resource types

• Invocations of fetch() or XMLHttpRequest
• Web Fonts (for cross-domain font usage in @font-face within CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do so
• WebGL textures
• Images/video frames drawn to a canvas using drawImage()
• CSS shapes from images
• scripts
• iframes

• GitHub: https://github.com/topics/cors
• Wikipedia: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
• Created by: WHATWG, Matt Oshry, Brad Porter, Michael Bodell, Tellme Networks
• Released: May 2006
• Related Topics: xhr, ajax, jsonp, content-security-policy,
• Last updated: 2025-01-31 00:06:07 UTC
• JSON Representation

https://github.com/jatin-pandey01/contacto

Contacto is a contact api backend application

bcrypt cookie-parser cookies cors express-middleware expressjs jsonwebtoken mongo mongodb-atlas mongoose nodejs

Last synced: 21 Dec 2024

https://github.com/amankumarverma11/jobmatch

JobMatch empowers individuals to navigate the job with confidence by providing a data-driven and personalized career guidance platform.

cors flask openai python reactjs

Last synced: 28 Jan 2025

https://github.com/khaledssbd/sa-tourism-project-server-side

SA-Tourism is a tourism based web application for South Asian spots where tourists can get details of spots for future tour.

cors dotenv express mongodb nodemon

Last synced: 14 Dec 2024

https://github.com/panda4817/serverless-api

My own serverless API with several Netlify lambda functions to get data from third party APIs, with CORS enabled.

api cors javascript lambda-functions netlify npm severless

Last synced: 03 Jan 2025

Cross-origin resource sharing (CORS) Awesome Lists

Cross-origin resource sharing (CORS) Categories