Difference between revisions of "Cross-Origin Resource Sharing (CORS)"

wikipedia:Cross-Origin Resource Sharing is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.

Example:

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "PUT",
            "POST"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": [],
        "MaxAgeSeconds": 3000
    }
]

[
   {
       "AllowedHeaders": [
           "*"
       ],
       "AllowedMethods": [
           "PUT",
           "POST",
           "GET",
           "DELETE"
       ],
       "AllowedOrigins": [
           "*"
       ],
       "ExposeHeaders": [
           "ETag"
       ],
       "MaxAgeSeconds": 3000
   }
]

Related terms

• AWS API Gateway
• HSTS
• Tellme Networks

has been blocked by CORS

See also

• Template:HTTP methods
• CSRF, CORS, XSRF
• W3C, CORS
• CORS, HSTS, Access-Control-Allow-Origin, Enabling CORS for a REST API resource, Lighthouse bn --http --http-allow-origin, Caddyfile, gsutil cors, cors_rule, aws_s3_bucket_cors_configuration, geth --http.corsdomain, Preflighted requests, CORS (golang)