Cross-origin resource sharing (CORS)
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a “preflight” request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch() and XMLHttpRequest follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.
Resource types
- Invocations of
fetch()orXMLHttpRequest - Web Fonts (for cross-domain font usage in
@font-facewithin CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do so - WebGL textures
- Images/video frames drawn to a canvas using
drawImage() - CSS shapes from images
- scripts
- iframes
- GitHub: https://github.com/topics/cors
- Wikipedia: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
- Created by: WHATWG, Matt Oshry, Brad Porter, Michael Bodell, Tellme Networks
- Released: May 2006
- Related Topics: xhr, ajax, jsonp, content-security-policy,
- Last updated: 2026-06-20 00:06:36 UTC
- JSON Representation
https://github.com/sanic-org/sanic-ext
Extended Sanic functionality
cors dependency-injection openapi plugin sanic
Last synced: 06 Apr 2025
https://github.com/ivan-sincek/xss-catcher
Simple API for storing all incoming XSS requests and various XSS templates.
api blind-xss bug-bounty cors cross-origin-resource-sharing cross-site-request-forgery cross-site-scripting csrf ethical-hacking javascript offensive-security penetration-testing php red-team-engagement security web web-penetration-testing xss
Last synced: 09 Oct 2025
https://github.com/shivam010/bypass-cors
a proxy server to bypass CORS enabled servers
bypass-cors cors cors-proxy cross-origin-resource-sharing payload proxy proxy-server
Last synced: 23 Apr 2025
https://github.com/mskian/gotify-push
Chrome Extension for Send Push Notification 🔔 to gotify/server ☁
chrome-extension cors css fetch gotify html javascript notification push-notifications setup-gotify spectre spectre-css
Last synced: 13 Apr 2025
https://github.com/avikalpg/byok-relay
Bring your own key (BYOK) relay to enable lightweight frontend-only apps to use LLMs using the user's API keys without hitting CORS.
ai ai-gateway anthropic api-proxy bring-your-own-key browser-safe byok cors gemini llm llm-gateway llmops no-backend nodejs openai relay self-hosted
Last synced: 18 Jun 2026
https://github.com/bassetts/warp-cors
warp-cors is a proxy server which enables CORS for the proxied request
cli command-line command-line-tool cors proxy rust server
Last synced: 16 Mar 2025
https://github.com/shubhamagarwal16/realestate
A simple real estate app build with MEAN( Angular, Node and mongoDb ) and MERN( React, Node and mongoDb )
angular backend cors expressjs javascript mongodb mongoose mongoosejs nodejs react react-router react-router-dom reactjs realestate
Last synced: 26 Jun 2025
https://github.com/eko/gofast
A simple micro-framework written in Go
cors go golang micro-framework middleware pongo2
Last synced: 24 Mar 2025
https://github.com/mazipan/cors-hijacker
💀 A bare-minimum solution to solve CORS problem via proxy API
Last synced: 21 Mar 2025
https://github.com/ionutbalosin/java-application-security-practices
Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.
api-security authorization-code-flow authorization-code-flow-with-pkce client-credentials-flow cors csp dast java-process-security json-web-key-set jwks oauth-grant-types password-flow roles-based-access-control sast sca security-design-principles security-logging security-testing token-introspection
Last synced: 22 Apr 2025
https://github.com/Eltik/M3U8-Proxy
Proxy m3u8 files through pure JavaScript.
cors javascript m3u8 proxy streaming typescript
Last synced: 18 Jul 2025
https://github.com/shakyshane/nginx-cors-plus
A simple nginx proxy that you can put in front of any domain to enable CORS.
Last synced: 08 Oct 2025
https://github.com/wpcodevo/rust-axum-mongodb
In this article, we'll explore how to create a robust API that supports Create, Read, Update, and Delete operations using the Axum framework and MongoDB.
axum axum-framework cors crud crud-api docker docker-compose mongodb restful-api rust
Last synced: 16 Jul 2025
https://github.com/jangbl/express-session-with-redis
A cookie-based Node.js session implementation using Express.js and Redis
bcrypt bcrypt-node bcrypt-nodejs connect-redis cors express express-session expressjs login node node-js nodejs nodejs-api password-hashing redis redis-session session session-store
Last synced: 30 Apr 2025
https://github.com/zerg000000/simple-cors
Simply usable CORS middleware / interceptor for Clojure
Last synced: 22 Oct 2025
https://github.com/osamhack2020/web_kookbangfriends_woowahan
'국방프렌즈'는 군 생활을 하는 용사 및 군무원분들을 대상으로 온라인 비대면 상담 서비스를 제공하고 자유롭게 소통을 할 수 있는 커뮤니티 웹/앱 플랫폼입니다. 또한 병영생활에 도움이 되는 정보를 다양한 방법으로 제공하여 하나의 커뮤니티 체계를 이루는 것을 목표로 한 프로젝트입니다. 🇰🇷
cors csr docker exressjs git graphql html5 jwt mongodb nextjs nodejs pwa reactjs responsive-web-design scss ssl ssr strapi typescript
Last synced: 06 Mar 2026
https://github.com/cawfree/sameorigin
🤖 🧪 Masquerade as if you were their own frontend.
axios blur bypass cloudflare cors exploit marketplace nft opensea puppeteer
Last synced: 10 Apr 2025
https://github.com/cstodor/quizapp
MEAN Stack Quiz Application (MongoDB, ExpressJS, Angular4, NodeJS)
angular-cli angular4 body-parser cors expressjs javascript mean mean-stack mongodb mongoose nodejs npm npm-package quiz quizapp typescript
Last synced: 23 Mar 2025
https://github.com/ravro-ir/golang_bug_hunting
Live for Go hackers (bug bounty)
bugbounty clickjacking cors golang live livestream ravro recon vulnerability
Last synced: 13 Oct 2025
https://github.com/kamranayub/azure-storage-rest-postman
Postman collection to sign requests to Azure Storage Management REST API
azure azure-storage cors postman rest rest-api
Last synced: 14 Apr 2025
https://github.com/baroshem/next-security
🛡 Security plugin for Next.js based on OWASP and Helmet
basicauthentication cors csrf ddos headers helmet nextjs owasp rate-limiting security xss
Last synced: 29 Jun 2025
https://github.com/Baroshem/next-security
🛡 Security plugin for Next.js based on OWASP and Helmet
basicauthentication cors csrf ddos headers helmet nextjs owasp rate-limiting security xss
Last synced: 30 Aug 2025
https://github.com/martinkr/corsify
A tiny transparent proxy. The benefit: it adds the CORS-headers! Why? It prevents Cross Domain Errors.
ajax ajax-request cors cors-headers cors-middleware cors-proxy cors-request cross-domain development docker node nodejs xhr
Last synced: 21 Mar 2025
https://github.com/pktharindu/laravel-api-boilerplate-passport
An API Boilerplate to create a ready-to-use REST API in seconds.
api boilerplate cors dingo hacktoberfest laravel passport rest
Last synced: 05 May 2025
https://github.com/unbounce/encors
encors is a CORS library for ring.
clojure cors owner-platform-services release-not-compliant ring workflow-trunk
Last synced: 09 Apr 2025
https://github.com/adhityaramadhanus/fasthttpcors
Cors Handler for fasthttp
Last synced: 15 Apr 2025
https://github.com/mhsnbakhshi/shop-apis
shop apies using nodejs & express.js & mongoDB
backend bcrypt cookie-parser cors dotenv express-validator expressjs javascript jsonwebtoken mongodb mongoose multer nodejs nodemailer nodemon swagger uuid
Last synced: 12 Mar 2026
https://github.com/chebyrash/cors
CORS proxy using Cloudflare Workers
cors cors-anywhere cors-enabled cors-middleware cors-proxy
Last synced: 10 Apr 2025
https://github.com/gedysintraware/cordova-plugin-webview-proxy
Plugin to proxy requests through the webview
cookies cordova cordova-ios cors proxy wkwebview
Last synced: 21 Aug 2025
https://github.com/kabirjaipal/react-news-app
All-in-one Tech News: Stay updated with the latest tech articles from popular websites in a user-friendly app. Built with React.js, Express.js, and Node.js
cheeriojs cors express-js full-stack-web-development html-css-javascript news newsapi nodejs nodejs-api reactjs server-side tailwindcss vitejs
Last synced: 29 Oct 2025
https://github.com/m-nathani/node-typescript-starter
REST API using Node with typescript, KOA framework. TypeORM for SQL. Middlewares JWT (auth), CORS, Winston Logger, Error, Response
boilerplate boilerplate-node cors crud jwt koa koa2 mysql-database node node-js node-module rest sql starter ts-node tutorial-code typeorm typeorm-extension typescript winston
Last synced: 16 Mar 2026
https://github.com/simonw/asgi-cors
ASGI middleware for applying CORS headers to an ASGI application
Last synced: 19 Apr 2025
https://github.com/evg4b/uncors
A simple dev HTTP/HTTPS reverse proxy for replacing CORS headers.
cors cors-headers cors-proxy developer-tools devtools frontend frontend-tool frontendtools http https mock-server proxy
Last synced: 22 Aug 2025
https://github.com/bzsome/gobang04
五子棋社区,前后端完全分离,SSM框架,CORS跨域访问,SSO单点登录,Bootstrap界面,RESTful构架风格,Netty即时通信,Token口令授权,Web端与客户端通信。异步请求,面向接口编程。
bootstrap cors javaee jwt-token mybatis netty-server restful-api spring spring-mvc ssm sso-server websocket
Last synced: 26 Jun 2025
https://github.com/Dynom/TySug
A project around helping to prevent typing typos. TySug (Typo Suggestions) suggests alternative words with respect to keyboard layouts
algorithm cors docker go golang jaro jaro-winkler keyboard keyboard-layout library spelling-errors string-distance suggestions toml typing typo webservice words
Last synced: 14 Mar 2025
https://github.com/dynom/tysug
A project around helping to prevent typing typos. TySug (Typo Suggestions) suggests alternative words with respect to keyboard layouts
algorithm cors docker go golang jaro jaro-winkler keyboard keyboard-layout library spelling-errors string-distance suggestions toml typing typo webservice words
Last synced: 13 Apr 2025
https://github.com/firesphere/silverstripe-graphql-jwt
JWT Authentication for GraphQL
anonymous-tokens authentication authentication-middleware cors graphql hacktoberfest headless jwt rsa-key security signer-key
Last synced: 18 Jul 2025
https://github.com/dabit3/api-gateway-lambda-in-various-runtimes
Examples of serverless Lambda functions integrated with API Gateway and CORS enabled
aws cors dotnet golang java serverless
Last synced: 17 Nov 2025
https://github.com/holtwick/zerva
🌱 Simple event driven server
cors event-driven express http https javascript nodejs server services typed typescript zeed zerva
Last synced: 16 Mar 2025
https://github.com/riad-azz/tiktok-saver
TikTok Saver is a SaaS (Software as a service) for downloading and saving Tiktok videos with the highest quality and no watermark.
api cors docker docker-compose flask flask-backend nextjs nextjs-frontend nginx open-source rate-limiting redis software-as-a-service tiktok tiktok-api tiktok-downloader tiktok-saver tiktok-scraper tiktok-video-downloader
Last synced: 04 Apr 2025
https://github.com/mpdroog/dnsleak
DNS Leak testing
cors dns geoip2 leak letsencrypt spyoff systemd-service
Last synced: 11 Jan 2026
https://github.com/ericmdantas/aliv
Light, fast and powerful one liner live-reloading Node.js server.
compression cors easy http2 live live-reload proxy secure server
Last synced: 15 Jul 2025
https://github.com/idootop/tauri-plugin-cors-fetch
Enabling Cross-Origin Resource Sharing (CORS) for Fetch Requests within Tauri applications.
cors fetch tauri unofficial-tauri-plugin
Last synced: 20 Jan 2026
https://github.com/itrabbit/just
JUST - GoLang package for fast development web micro services
cli cors finalizer framework gin golang http https i18n just microservices network regex-routing regex-validator server simple web
Last synced: 17 Jan 2026
https://github.com/digital-blueprint/webapppassword
Nextcloud app to generate temporary app passwords and allow webdav access for SPAs
cors dbp digital-blueprint nextcloud nextcloud-app php webdav
Last synced: 04 Feb 2026
https://github.com/nicolaspearson/gogo-cors-proxy
A simple Golang proxy which adds CORS headers to an incoming request.
Last synced: 26 Sep 2025
https://github.com/michealroberts/nitro-cors
CORS event handler for the Nitro web server
cors cors-middleware cross-origin-resource-sharing h3 nitro nuxt nuxt3
Last synced: 01 Nov 2025
https://github.com/mahdijafaridev/fastapi-middlewares
Essential middlewares that for FastAPI applications
cors fastapi logging middleware middlewares python security starlette
Last synced: 13 Jan 2026
https://github.com/jangaraj/keycloak-cors-issue-debugging
Recommendations how to solve/debug CORS issues, when Keycloak IDP is used
Last synced: 06 Feb 2026
https://github.com/ixtendio/gofre
A fast and low memory consumption web framework for Go with middleware support and without third-party dependencies
authorization cors csrf-protection framework go go-template golang json middleware mux-router oauth2 rbac server-side-events sse
Last synced: 14 Jan 2026
https://github.com/marcodpt/minirps
Mini reverse proxy server written in rust
api axum cors https hurl minijinja reqwest reverse-proxy rust self-contained server single-binary template webserver zero-configuration
Last synced: 10 Apr 2025
https://github.com/luizcalaca/mern-full-stack
MERN Full Stack
api-rest cors expressjs full-stack fullstack-development javascript mongodb mongoose nodejs reactjs
Last synced: 12 Apr 2025
https://github.com/hexagonframework/hexagonal-architecture-demo
cors ddd hexagonal-architecture
Last synced: 12 Oct 2025
https://github.com/ayusharma-ctrl/data_visualization_dashboard-mern-stack
It is a Data Visualization Dashboard that uses the MERN Stack to create visualizations. Project uses given JSON data to create a MongoDB database and create an API in node.js to retrieve the data. The visualizations are created using chart.js library. The dashboard has various filters. Project aims to generate insights from creative visualizations.
axios bootstrap5 chartjs cors dotenv express mern-stack mongodb nodejs react
Last synced: 27 Mar 2026
https://github.com/dropwizard/dropwizard-web
Provides support for configuring various http headers that are important for web services.
cors csp dropwizard hacktoberfest headers hsts java xss
Last synced: 04 Apr 2025
https://github.com/btc415/mern_auth_dashboard
MERN Login & Register Dashboard (My SQL, Express, React & Nodejs)
axios cors expressjs mern-stack mysql nextjs nodejs react react-native
Last synced: 08 May 2025
https://github.com/jabedalimollah/notebook
This is my notebook project and I am creating it using MERN stack
axios cors css3 expressjs javascript jsonwebtoken mongodb-database mongoose node nodejs react-icons react-router react-router-dom reactjs shadcn-ui tailwindcss zod-validation
Last synced: 24 Oct 2025
https://github.com/jackblackevo/cors-jsonp-sample
Client-Side & Server-Side (Java) sample for Cross-Origin Resource Sharing (CORS).
ajax cors cross-origin-resource-sharing java javascript jsonp
Last synced: 09 Apr 2025
https://github.com/koheimizuno/mern-blog
bcrypt bcryptjs bootstrap cors express formik jsonwebtoken mongodb mongoose nodemon react tailwindcss typescript yup
Last synced: 11 Jun 2025
https://github.com/parzibyte/crud-angular-php-mysql
Conexión Angular con PHP y MySQL usando Angular Material para los estilos y un servicio con HttpClient para peticiones AJAX
ajax angular angular-material angular-php cors example-app httpclient mariadb material-design mysql php
Last synced: 12 Apr 2025
https://github.com/deveshsuryawanshi/codegenius
We are developing an AI-powered self-interview preparation platform. This platform leverages the power of AI and natural language processing to simulate real interview scenarios, providing users with valuable feedback and resources to enhance their interview skills.
axios chatgpt-api cors dotenv express-js monggose mongodb node-js react react-icons react-router-dom react-speech-recognition-npm react-use-clipboard react-webcam redux styled-components tailwindcss typescript
Last synced: 23 Aug 2025
https://github.com/jojoee/bulk-curl
:tada: bulk cURL URLs, to fetch / call a huge url lists http://jojoee.github.io/bulk-curl/
bulk bulk-curl-urls cors cross-origin-resource-sharing curl
Last synced: 12 Apr 2025
https://github.com/middlewares/cors
PSR-15 middleware to implement Cross-Origin Resource Sharing (CORS)
Last synced: 06 May 2025
https://github.com/bump-sh/cors-toujours
This is a lightweight HTTP proxy server built using the Sinatra framework. It acts as a pass-through proxy, allowing requests to be forwarded to a specified target URL. Additionally, it provides a JWT (JSON Web Token) verification mechanism to allow only specific requests.
cors cors-anywhere cors-headers cors-proxy http proxy ruby sinatra
Last synced: 22 Apr 2025
https://github.com/teal-finance/garcon
Golang web toolbox for API and static website including HTTP server, middlewares, JWT, CORS, OPA, Cookies, Prometheus exporter, Rate Limiter compatible with Go standards and dozens of Go routers
autorization bearer browser-fingerprint chat-notification coockie cors cors-middleware file-server golang http-logger http-server jwt middleware middleware-collection pprof rate-limiter static-website
Last synced: 06 May 2025
https://github.com/rluders/wn-cors-plugin
Cross-Origin Resource Sharing (CORS) for WinterCMS
cors hacktoberfest laravel php wintercms wintercms-plugin
Last synced: 22 Mar 2025
https://github.com/chandelanish/fusionflow
FusionFLOW is a dynamic web app that boosts social connectivity and productivity. It offers blurbs for quick updates, real-time chat, video calling, email messaging, friend location tracking, and expense management, providing users with a comprehensive suite of tools to stay connected and organized.
bootstrap5 cors expressjs mongodb mongoose nodejs react-redux reactjs redux-toolkit
Last synced: 05 Oct 2025
https://github.com/krakend/krakend-cors
Adds CORS support to the KrakenD framework
api-gateway cors gin krakend krakend-cors mux
Last synced: 27 Oct 2025
https://github.com/prantlf/grunt-embed-fonts
Embeds webfont files to CSS stylesheets as base64-encoded data URIs to prevent CORS problems
cors font-files grunt-task stylesheets webfonts
Last synced: 01 Aug 2025
https://github.com/ajsalemo/dotnetcoreapi-nextjs
A basic NextJS UI that connects to a ASP .NET Core API - used as a proof of concept for multicontainers/docker-compose on Azure
aspnetcore azure cloud cors csharp docker docker-compose dockerfile expressjs javascript kestrel multicontainers nextjs paas ssr
Last synced: 13 Apr 2025
https://github.com/niharika2k00/notes-app
axios cors expressjs mongodb-database node reactjs
Last synced: 29 Oct 2025
https://github.com/labrador-kennel/http-cors
Middleware for @amphp http-server to handle CORS requests!
Last synced: 11 Feb 2026
https://github.com/bestzwei/ciao-cors
Ciao ~ CORS ^v^: This is a Deno reverse proxy which adds CORS headers to the proxied request.
cors cors-anywhere cors-proxy deno proxy
Last synced: 07 Oct 2025
https://github.com/darkhorsecorder/next.js-matspar-ssr
api api-client cors example image loading-indicator nextjs pwa react typescript
Last synced: 05 Aug 2025
https://github.com/bcapathshala/chatgpt-app-clone
ChatGPT is all overall social media web based application
chatgpt-api cors css expressjs html html-css-javascript javascript nodejs openai vitejs
Last synced: 14 Apr 2025
https://github.com/dbjohnson/zappa-quick-start
A quick walkthrough setting up a new authenticated serverless app using Zappa and Cognito
aws-lambda cognito cors serverless zappa zappa-flask
Last synced: 08 Jan 2026
https://github.com/balazshevesi/nar-slutar-lektionen
⏰ En webapp för att ha koll på när lektionen slutar och börjar. Utnyttjar skola24as API
aws-amplify cors eslint frontend-development next-js prettier react-js react-server-components skola24 tailwind-css time-keeping typescript web-development
Last synced: 12 Jul 2025
https://github.com/grimmerk/express-mongo-rest-k8s-sample
It is deployed to Google Kubernetes Engine, ver. 1.9.7-gke.6, as well as minikube v0.28.2 (with local K8s cluster v1.10.0). 1. Web (API) server: setup Load balance for it (2 K8s pods), local dev url: http://localhost:3000, deployed port in K8s yaml: 80. 2. MongoDB: No usage of sharding or replica sets for it, only a standalone K8s pod.
babel cors docker es6 jest kubernetes mongodb mongoose nodejs yarn
Last synced: 03 Apr 2025
https://github.com/highcanfly-club/nocors
noCors proxy for Servless static apps
azure-functions azure-static-web-apps cf-pages cloudflare cors cors-proxy
Last synced: 12 May 2025
https://github.com/fraigo/python-cors-proxy
A simple CORS proxy to fetch content from remote sites without CORS policy.
cors cors-proxy django fetch python
Last synced: 12 May 2025
https://github.com/johnantoni/express-passport-boilerplate
My take on an express/react boilerplate, with passport & session-auth built in
authentication cors express nodejs passport passport-local-mongoose react session-cookie
Last synced: 16 Apr 2025
https://github.com/core-go/core
authorization cache client cors crud crypto currency echo gin http-client http-handler io jwt log logrus master-data-loader redis security validator zap
Last synced: 29 Apr 2025
https://github.com/obrm/bootcamper-api
This Node.js, Express.js, and MongoDB RESTful API offers authentication, CRUD operations, pagination, filtering, sorting, geocoding, and image uploading. Manage bootcamps, courses, reviews, and users based on different access levels. Search for bootcamps within a radius, and upload bootcamp images.
bcryptjs cookie-parser cors express express-fileupload express-mongo-sanitize express-rate-limit helmet hpp jwt mongoose node-geocoder nodemailer slugify xss-clean
Last synced: 30 Apr 2025
https://github.com/kanugurajesh/hackathon-social-media-bot-backend
Backend for the social media bot
azure-app-service chatbot cohere-ai cors flask python rest-api templates twilio-api
Last synced: 07 May 2025
