Cross-origin resource sharing (CORS)

Topic history | v1 (current) | created by jjones

Details

Cross-origin resource sharing (CORS)

| created by jjones | Add topic "Cross-origin resource sharing (CORS)"
Title
Cross-origin resource sharing (CORS)
Description
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. A web page may freely embed cross-origin images, stylesheets, scripts, iframes, and videos. Certain "cross-domain" requests, notably Ajax requests, are forbidden by default by the same-origin security policy. CORS defines a way in which a browser and server can interact to determine whether it is safe to allow the cross-origin request. It allows for more freedom and functionality than purely same-origin requests, but is more secure than simply allowing all cross-origin requests. The specification for CORS is included as part of the WHATWG's Fetch Living Standard. This specification describes how CORS is currently implemented in browsers. An earlier specification was published as a W3C Recommendation.
Link
https://en.wikipedia.org/?curid=27711475

authors

This topic has no history of related authors.

topics

subtopic of Web programming
v1 | attached by jjones | Add topic "Cross-origin resource sharing (CORS)"