Difference between revisions of "Cross-Origin Resource Sharing (CORS)"

From wikieduonline
Jump to navigation Jump to search
 
(11 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[wikipedia:Cross-Origin Resource Sharing]]
+
[[wikipedia:Cross-Origin Resource Sharing]] is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.
 +
 
 +
Example:
 +
<pre>
 +
[
 +
    {
 +
        "AllowedHeaders": [
 +
            "*"
 +
        ],
 +
        "AllowedMethods": [
 +
            "PUT",
 +
            "POST"
 +
        ],
 +
        "AllowedOrigins": [
 +
            "*"
 +
        ],
 +
        "ExposeHeaders": [],
 +
        "MaxAgeSeconds": 3000
 +
    }
 +
]
 +
</pre>
 +
 
 +
 
 +
[
 +
    {
 +
        "AllowedHeaders": [
 +
            "*"
 +
        ],
 +
        "AllowedMethods": [
 +
            "PUT",
 +
            "POST",
 +
            "GET",
 +
            "DELETE"
 +
        ],
 +
        "AllowedOrigins": [
 +
            "*"
 +
        ],
 +
        "ExposeHeaders": [
 +
            "[[ETag]]"
 +
        ],
 +
        "MaxAgeSeconds": 3000
 +
    }
 +
]
 +
 
 +
 
 +
== Errors ==
 +
* <code>[[has been blocked by CORS policy]]</code>
  
  
Line 6: Line 52:
 
* [[HSTS]]
 
* [[HSTS]]
 
* [[Tellme Networks]]
 
* [[Tellme Networks]]
 +
* [[Caddyfile]]
 +
* <code>[[gsutil cors]]</code>
 +
* [[Terraform resource: aws cloudfront origin access control]]
 +
* [[CORS (golang)]]
 +
* [[geth --http --http.corsdomain]]
  
 
== See also ==
 
== See also ==
 +
* {{HTTP methods}}
 
* {{CSRF}}
 
* {{CSRF}}
 
* {{W3C}}
 
* {{W3C}}

Latest revision as of 12:37, 27 October 2024

wikipedia:Cross-Origin Resource Sharing is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.

Example:

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "PUT",
            "POST"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": [],
        "MaxAgeSeconds": 3000
    }
]


[
   {
       "AllowedHeaders": [
           "*"
       ],
       "AllowedMethods": [
           "PUT",
           "POST",
           "GET",
           "DELETE"
       ],
       "AllowedOrigins": [
           "*"
       ],
       "ExposeHeaders": [
           "ETag"
       ],
       "MaxAgeSeconds": 3000
   }
]


Errors[edit]


Related terms[edit]

See also[edit]

Advertising: