This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Cross Origin Resource Sharing
Cross Origin Resource Sharing

Version management

Difference between version and

At line 1 added 32 lines
!!! Overview[1]
[{$pagename}] ([CORS]) is a [protocol] that enables scripts running on a [browser] client to interact with resources from a different [Web Origin] (origin).
[{$pagename}] is useful because, thanks to the [Same Origin Policy] followed by [XMLHttpRequest] and [Fetch API], [JavaScript] can only make calls to [URLs] that live on the same [Web Origin] as the location where the script is running. For [example], if a [JavaScript] app wishes to make an [AJAX] call to an [API] running on a different [DNS Domain], it would be blocked from doing so thanks to the [Same Origin Policy].
[{$pagename}] is a mechanism that uses additional [HTTP Header Fields] to tell a [browser] to let a web [application] running at one [Web Origin] have [permission] to access selected [resources] from a server at a different [Web Origin].
If such an [API] is used on http://example.org [resources], a resource on http://hello-world.example can opt in using the [{$pagename}] mechanism described by the [{$pagename}] (e.g., specifying Access-Control-Allow-Origin: http://example.org as response header), which would allow that resource to be fetched cross-origin from http://example.org.
Another [example], if you're running a React [SPA] that makes calls to an [API] backend running on a different [DNS Domain]. Web fonts also rely on [CORS] to work.
[{$pagename}] specification from [WC3] has been updated by the [Fetch API] from [WHATWG]
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Cross Origin Resource Sharing|http://www.w3.org/TR/access-control/|target='_blank'] - based on data observed:2015-05-18
* [#2] - [CORS Tutorial: A Guide to Cross-Origin Resource Sharing|https://auth0.com/blog/cors-tutorial-a-guide-to-cross-origin-resource-sharing/|target='_blank'] - based on information obtained 2019-08-24
* [#3] - [Cross-Origin Resource Sharing (CORS)|https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS|target='_blank'] - based on information obtained 2019-08-24
* [#4] - [3.2. CORS protocol|https://fetch.spec.whatwg.org/#cors-protocol|target='_blank'] - based on information obtained 2019-08-24
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop