This is a simple demo to explain how browser security policies differ in AJAX vs CORS.
JavaScript ASP
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
client
server
ReadMe.md

ReadMe.md

This is a simple demo to explain how browser security policies differ in AJAX vs CORS.

The code has 2 directories-client and server. Host the client on one port (say 80) and the server on a different port (say 81), without configuring any CORS headers on the webserver. If your browser supports CORS, the server will log the cross origin call. This should hint something about security. Isn't it? :-)

Check this blog post corresponding to this demo: http://www.novogeek.com/post/What-you-know-about-AJAX-is-not-the-same-in-HTML5-CORS.aspx