Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Cross-origin resource sharing (CORS)
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a “preflight” request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch()
and XMLHttpRequest
follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.
Resource types
- Invocations of
fetch()
orXMLHttpRequest
- Web Fonts (for cross-domain font usage in
@font-face
within CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do so - WebGL textures
- Images/video frames drawn to a canvas using
drawImage()
- CSS shapes from images
- scripts
- iframes
- GitHub: https://github.com/topics/cors
- Wikipedia: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
- Created by: WHATWG, Matt Oshry, Brad Porter, Michael Bodell, Tellme Networks
- Released: May 2006
- Related Topics: xhr, ajax, jsonp, content-security-policy,
- Last updated: 2024-07-29 13:35:30 UTC
- JSON Representation
https://github.com/fruitcake/laravel-cors
Adds CORS (Cross-Origin Resource Sharing) headers support in your Laravel application
cors hacktoberfest laravel middleware php
Last synced: 30 Jul 2024
https://github.com/expressjs/cors
Node.js CORS middleware
cors expressjs javascript middleware nodejs
Last synced: 30 Jul 2024
https://github.com/anjoy8/Blog.Core
💖 ASP.NET Core 8.0 全家桶教程,前后端分离后端接口,vue教程姊妹篇,官方文档:
aop autofac automapper cors dependency-injection dto ioc jwt net7 netcore netcore-vue netcore-webapi rbac rbac-roles redis repository sqlsugar sqlsugarcore swagger t4
Last synced: 31 Jul 2024
https://github.com/everywall/ladder
Selfhosted alternative to 12ft.io. and 1ft.io bypass paywalls with a proxy ladder and remove CORS headers from any URL
bypass cors cors-proxy paywall paywall-blocker paywall-bypasser
Last synced: 31 Jul 2024
https://github.com/jpillora/xdomain
A pure JavaScript CORS alternative
cors cross-domain javascript xhr
Last synced: 01 Aug 2024
https://github.com/developit/express-es6-rest-api
:battery: Starter project for an ES6 RESTful Express API.
api boilerplate cors es2015 es6 express javascript mongoose
Last synced: 31 Jul 2024
https://github.com/nelmio/NelmioCorsBundle
Adds CORS (Cross-Origin Resource Sharing) headers support in your Symfony application
bundle cors cors-request cross-origin-resource-sharing php symfony symfony-bundle
Last synced: 30 Jul 2024
https://github.com/s0md3v/Corsy
CORS Misconfiguration Scanner
cors cors-misconfiguration-scanner cors-scanner vulnerability-scanner
Last synced: 30 Jul 2024
https://github.com/francescomalatesta/laravel-api-boilerplate-jwt
A Laravel 5.8 API Boilerplate to create a ready-to-use REST API in seconds.
api boilerplate cors dingo jwt laravel rest
Last synced: 31 Jul 2024
https://github.com/roottusk/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
api apitop10 appsec appsec-tutorials bugbounty cors docker exercises hacktoberfest hacktoberfest-accepted owasp owasp-top-10 owasp-top-ten php postman vulnerable-application
Last synced: 31 Jul 2024
https://github.com/chenjj/CORScanner
🎯 Fast CORS misconfiguration vulnerabilities scanner
cors cors-misconfigurations cors-policy cors-scanner python python3 vulnerability-scanners web-security
Last synced: 01 Aug 2024
https://github.com/chenjj/corscanner
🎯 Fast CORS misconfiguration vulnerabilities scanner
cors cors-misconfigurations cors-policy cors-scanner python python3 vulnerability-scanners web-security
Last synced: 01 Aug 2024
https://github.com/javieraviles/node-typescript-koa-rest
REST API boilerplate using NodeJS and KOA2, typescript. Logging and JWT as middlewares. TypeORM with class-validator, SQL CRUD. Docker included. Swagger docs, actions CI and valuable README
class-validator cors crud docker github-actions helmet heroku jwt koa koa-jwt koa-router koa2 node nodemon rest-api sql swagger typeorm typescript winston
Last synced: 02 Aug 2024
https://github.com/OP-Engineering/link-preview-js
⛓ Extract web links information: title, description, images, videos, etc. [via OpenGraph], runs on mobiles and node.
chrome cors extract extract-information firefox http javascript js-library link nodejs parsing react-native safari typescript
Last synced: 31 Jul 2024
https://github.com/Baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 03 Aug 2024
https://github.com/jczic/MicroWebSrv2
The last Micro Web Server for IoTs (MicroPython) or large servers (CPython), that supports WebSockets, routes, template engine and with really optimized architecture (mem allocations, async I/Os). Ready for ESP32, STM32 on Pyboard, Pycom's chipsets (WiPy, LoPy, ...). Robust, efficient and documented!
async asynchronous cors esp32 hc2 http https iot micropython microwebsrv pyboard pycom routes ssl template-engine web-server websocket websocket-server websockets wipy
Last synced: 01 Aug 2024
https://github.com/spatie/laravel-cors
Send CORS headers in a Laravel application
api cors javascript php request
Last synced: 04 Aug 2024
https://github.com/Zibri/cloudflare-cors-anywhere
CORS "anywhere" proxy in a Cloudflare worker. DEMO at: https://test.cors.workers.dev/
cloudflare cors fastest free proxy
Last synced: 31 Jul 2024
https://github.com/whatyouhide/corsica
Elixir library for dealing with CORS requests. 🏖
cors elixir elixir-lang elixir-library plug
Last synced: 01 Aug 2024
https://github.com/CocaineCong/gin-mall
基于 gin+gorm+redis+mysql 读写分离的电子商城,包括 JWT 鉴权,CORS跨域,AES 对称加密,引入ELK体系方便日志查看,jaeger进行trace查看,skywalking进行检测,使用docker容器化部署
aes-encryption cors docker docker-compose elasticsearch elk gin go golang gorm jaeger jwt kibana mysql redis skywalking
Last synced: 01 Aug 2024
https://github.com/tangxiaofeng7/SecExample
JAVA 漏洞靶场 (Vulnerability Environment For Java)
cors csrf docker fastjson java rce springboot sqlinjection ssrf vulnerability xss-vulnerability
Last synced: 04 Aug 2024
https://github.com/fastify/fastify-cors
Fastify CORS
cors cors-headers fastify fastify-plugin
Last synced: 31 Jul 2024
https://github.com/pikpikcu/XRCross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
bugbounty bugbounty-tool check-subdomains cors cors-scanner lfi rce recon scanners sqli ssrf subdomain-enumeration takeover-subdomain xss-scanner xss-vulnerability
Last synced: 04 Aug 2024
https://github.com/medz/cors
🔮Supported(Laravel/Lumen/PSR-15/Swoft/Slim/ThinkPHP) - PHP CORS (Cross-origin resource sharing) middleware.
cors cors-middleware cors-request crossdomain laravel laravel5 middleware php php-cors psr-15 psr-7 request response slim swoft symfony thinkphp yii2
Last synced: 02 Aug 2024
https://github.com/dimmg/flusk
Boilerplate API on how to structure big Flask applications (includes SQLAlchemy, Docker, nginx)
blueprints cors docker flask json-exceptions middleware sqlalchemy
Last synced: 07 Aug 2024
https://github.com/imjacobclark/cors-container
A CORS proxy in a container (Docker) for when you need to `Access-Control-Allow-Origin: *`!
cors cors-proxy docker permissive-cors
Last synced: 01 Aug 2024
https://github.com/wangshibiaoFlytiger/apiproject
[https://www.sofineday.com], golang项目开发脚手架,集成最佳实践(gin+gorm+go-redis+mongo+cors+jwt+json日志库zap(支持日志收集到kafka或mongo)+消息队列kafka+微信支付宝支付gopay+api加密+api反向代理+go modules依赖管理+headless爬虫chromedp+makefile+二进制压缩+livereload热加载)
alipay api-server compress cors gin-framework golang gomodule gorm headless jwt kafka livereload makefile mongo redis reverseproxy spider wxpay zap
Last synced: 01 Aug 2024
https://github.com/ashleysommer/sanic-cors
A Sanic extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible. Based on flask-cors by Cory Dolphin.
cors cross-origin-resource-sharing plugin python-3 python-3-5 python-3-6 sanic
Last synced: 02 Aug 2024
https://github.com/lawliet89/rocket_cors
Cross-origin resource sharing (CORS) for Rocket.rs applications
cors hacktoberfest rocket rust
Last synced: 02 Aug 2024
https://github.com/graycoreio/magento2-cors
A Magento 2 module that enables configurable CORS Headers on the GraphQL and REST APIs
cors cors-headers cors-protocol graphql hacktoberfest magento magento2 magento2-extension magento2-module php rest
Last synced: 03 Aug 2024
https://github.com/jub0bs/fcors
a principled CORS middleware library for Go... but consider using jub0bs/cors (its successor) instead
cors go golang http middleware server web-security
Last synced: 04 Aug 2024
https://github.com/detailyang/lua-resty-cors
It's the implement of CORS on OpenResty
Last synced: 03 Aug 2024
https://github.com/davidedantonio/create-fastify-app
An utility that help you to generate or add plugin to your Fastify project
art-template cors dockerize ejs fastify fastify-plugin fastify-swagger handlebars marko mongodb nodejs nodejs-library postgres redis scaffolding skeleton-application swagger
Last synced: 30 Jul 2024
https://github.com/sanic-org/sanic-ext
Extended Sanic functionality
cors dependency-injection openapi plugin sanic
Last synced: 02 Aug 2024
https://github.com/adhocore/phalcon-ext
Foundations, adapters, extensions, middlewares and utilities for Phalcon v4
adhocore argv-parser console-application cors logger middleware outputcache phalcon phalcon-adapters phalcon-ext phalcon-jwt php7 swiftmailer task-scheduler throttle twig validation
Last synced: 30 Jul 2024
https://github.com/Eltik/M3U8-Proxy
Proxy m3u8 files through pure JavaScript.
cors javascript m3u8 proxy streaming typescript
Last synced: 06 Aug 2024
https://github.com/Baroshem/next-security
🛡 Security plugin for Next.js based on OWASP and Helmet
basicauthentication cors csrf ddos headers helmet nextjs owasp rate-limiting security xss
Last synced: 03 Sep 2024
https://github.com/Dynom/TySug
A project around helping to prevent typing typos. TySug (Typo Suggestions) suggests alternative words with respect to keyboard layouts
algorithm cors docker go golang jaro jaro-winkler keyboard keyboard-layout library spelling-errors string-distance suggestions toml typing typo webservice words
Last synced: 30 Jul 2024
https://github.com/middlewares/cors
PSR-15 middleware to implement Cross-Origin Resource Sharing (CORS)
Last synced: 02 Aug 2024
https://github.com/LordotU/corsyusha
Simple and fast proxy to bypass CORS issues during prototyping against existing APIs without having to worry about CORS
access-control-allow-origin cors cors-proxy cors-proxy-server fastify nodejs proxy
Last synced: 02 Aug 2024
https://github.com/CodingDemon1/CodeConverter-GenAI
The Code Converter App is a versatile tool that allows users to convert, debug, and analyze code written in various programming languages. It utilizes the OpenAI GPT-3.5 turbo model to provide dynamic code conversion, debugging assistance, and code analysis.
cors express-js generative-ai html-css-javascript node-js openai-api
Last synced: 01 Aug 2024
https://github.com/AMSpears/contact-form-backend
Contact Form Backend Clean Template
cors express express-handlebars nodejs nodemailer
Last synced: 01 Aug 2024
https://github.com/wfinn/ucors
tool that scans for CORS bypasses
bugbounty bypass cors pentesting vulnerability-scanners
Last synced: 04 Aug 2024
https://github.com/skriems/csvbuttler
serving data from csv files, blazingly fast
actix-web cors csrf jwt microservice
Last synced: 01 Aug 2024