CORS

From Rice Wiki
Revision as of 00:39, 3 March 2024 by Rice (talk | contribs) (Created page with "= Sources = * [https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS Cross-Origin Resource Sharing (CORS) - HTTP | MDN] = Same-origin policy = Before talking about CORS, we must first understand a security mechanism called the '''same-origin policy'''. This policy restricts how a document or script loaded by one origin can interact with a resource from another origin. This isolates potentially malicious documents. Consider a hacker website with a script that requests...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Sources

Same-origin policy

Before talking about CORS, we must first understand a security mechanism called the same-origin policy. This policy restricts how a document or script loaded by one origin can interact with a resource from another origin.

This isolates potentially malicious documents. Consider a hacker website with a script that requests resources from our server. Since the hacker website does not have the same origin as us, they can't access our website by the same-origin policy.

Define. Origin

Overview

Cross-Origin Resource Sharing (CORS) allows server