Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

This is a simple demo to explain how browser security policies differ in AJAX vs CORS.

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 client
Octocat-spinner-32 server
Octocat-spinner-32 ReadMe.md
ReadMe.md

This is a simple demo to explain how browser security policies differ in AJAX vs CORS.

The code has 2 directories-client and server. Host the client on one port (say 80) and the server on a different port (say 81), without configuring any CORS headers on the webserver. If your browser supports CORS, the server will log the cross origin call. This should hint something about security. Isn't it? :-)

Check this blog post corresponding to this demo: http://www.novogeek.com/post/What-you-know-about-AJAX-is-not-the-same-in-HTML5-CORS.aspx

Something went wrong with that request. Please try again.