Cross-origin resource sharing (CORS)
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a "preflight" request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch()
and XMLHttpRequest
follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.
Resource types
- Invocations of
fetch()
orXMLHttpRequest
- Web Fonts (for cross-domain font usage in
@font-face
within CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do so
- WebGL textures
- Images/video frames drawn to a canvas using
drawImage()
- CSS shapes from images
- scripts
- iframes
Here are 117 public repositories matching this topic...
ReactJs Browser Music Player using Spotify API and Spotify Web Playback SDK
-
Updated
Dec 11, 2022 - HTML
Jobbee RESTful API fully scalable, secure and powerful build using Express and MongoDB
-
Updated
May 16, 2021 - HTML
Once upon a time, a top-notch resource for web developers
-
Updated
Jul 1, 2022 - HTML
A web application providing users with access to info about movies, directors and genres. Users can register, update personal info, and create a list of their favorite movies
-
Updated
Mar 13, 2024 - HTML
A social media web app for professionals. Built with React.js for front-end and Express.js, Node.js and MongoDB for back-end.
-
Updated
Apr 7, 2024 - HTML
Bypassing CORS to get partial remote content
-
Updated
Apr 29, 2022 - HTML
GenerateYOURownQR is a web application that allows users to generate QR codes effortlessly. This project combines front-end development with a Node.js back-end using Express and MongoDB for QR code generation and storage.
-
Updated
Jan 4, 2024 - HTML
API from a web app where you can get anonymous recommendations.
-
Updated
May 30, 2022 - HTML
Consume default .net core weather api in Blazor web assembly and use mudblazor instead of Bootstrap
-
Updated
Nov 30, 2022 - HTML
(Thinkful Bootcamp) REST API for the movie suggestion app, FlickShare
-
Updated
Dec 9, 2023 - HTML
Used Security Methods for and Insecure Website in Asp.net core
-
Updated
Aug 4, 2021 - HTML
Created by WHATWG, Matt Oshry, Brad Porter, Michael Bodell, Tellme Networks
Released May 2006
- Followers
- 12 followers
- Website
- fetch.spec.whatwg.org/#http-cors-protocol
- Wikipedia
- Wikipedia