Difference between revisions of "Cross-Origin Resource Sharing (CORS)"
Jump to navigation
Jump to search
(10 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
[[wikipedia:Cross-Origin Resource Sharing]] is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. | [[wikipedia:Cross-Origin Resource Sharing]] is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. | ||
+ | |||
+ | Example: | ||
+ | <pre> | ||
+ | [ | ||
+ | { | ||
+ | "AllowedHeaders": [ | ||
+ | "*" | ||
+ | ], | ||
+ | "AllowedMethods": [ | ||
+ | "PUT", | ||
+ | "POST" | ||
+ | ], | ||
+ | "AllowedOrigins": [ | ||
+ | "*" | ||
+ | ], | ||
+ | "ExposeHeaders": [], | ||
+ | "MaxAgeSeconds": 3000 | ||
+ | } | ||
+ | ] | ||
+ | </pre> | ||
+ | |||
+ | |||
+ | [ | ||
+ | { | ||
+ | "AllowedHeaders": [ | ||
+ | "*" | ||
+ | ], | ||
+ | "AllowedMethods": [ | ||
+ | "PUT", | ||
+ | "POST", | ||
+ | "GET", | ||
+ | "DELETE" | ||
+ | ], | ||
+ | "AllowedOrigins": [ | ||
+ | "*" | ||
+ | ], | ||
+ | "ExposeHeaders": [ | ||
+ | "[[ETag]]" | ||
+ | ], | ||
+ | "MaxAgeSeconds": 3000 | ||
+ | } | ||
+ | ] | ||
+ | |||
+ | |||
+ | == Errors == | ||
+ | * <code>[[has been blocked by CORS policy]]</code> | ||
Line 6: | Line 52: | ||
* [[HSTS]] | * [[HSTS]] | ||
* [[Tellme Networks]] | * [[Tellme Networks]] | ||
+ | * [[Caddyfile]] | ||
+ | * <code>[[gsutil cors]]</code> | ||
+ | * [[Terraform resource: aws cloudfront origin access control]] | ||
+ | * [[CORS (golang)]] | ||
+ | * [[geth --http --http.corsdomain]] | ||
== See also == | == See also == | ||
+ | * {{HTTP methods}} | ||
* {{CSRF}} | * {{CSRF}} | ||
* {{W3C}} | * {{W3C}} |
Latest revision as of 12:37, 27 October 2024
wikipedia:Cross-Origin Resource Sharing is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.
Example:
[ { "AllowedHeaders": [ "*" ], "AllowedMethods": [ "PUT", "POST" ], "AllowedOrigins": [ "*" ], "ExposeHeaders": [], "MaxAgeSeconds": 3000 } ]
[ { "AllowedHeaders": [ "*" ], "AllowedMethods": [ "PUT", "POST", "GET", "DELETE" ], "AllowedOrigins": [ "*" ], "ExposeHeaders": [ "ETag" ], "MaxAgeSeconds": 3000 } ]
Errors[edit]
Related terms[edit]
- AWS API Gateway
- HSTS
- Tellme Networks
- Caddyfile
gsutil cors
- Terraform resource: aws cloudfront origin access control
- CORS (golang)
- geth --http --http.corsdomain
See also[edit]
Advertising: