What is CORS ?

Home / What is ? / What is CORS ?

CORS stands for Cross-Origin Resource Sharing. It is a security mechanism implemented in web browsers to control and restrict cross-origin HTTP requests. In simple terms, it allows web browsers to make requests to a different domain than the one the web page originated from.

When a web page makes a request to a different domain, the browser’s same-origin policy comes into play, which restricts such requests by default due to security concerns. However, CORS provides a way for servers to specify which origins are allowed to access their resources.

The CORS mechanism involves the use of HTTP headers to enable or restrict cross-origin requests. When a browser sends a cross-origin request, it includes an Origin header that specifies the domain of the requesting web page. The server, in turn, responds with a set of headers indicating whether the request is allowed or denied.

CORS (Cross-Origin Resource Sharing) is a security feature implemented in web browsers to restrict JavaScript code from making requests to a different domain than the one the script was served from. In other words, it is a mechanism that allows a web page to access resources from a different domain or origin.

CORS prevents malicious scripts from accessing sensitive data or executing unauthorized actions on behalf of the user. It operates by requiring the server to include specific headers in its responses to cross-origin requests, indicating whether or not the requested resource can be accessed by the requesting origin. If the server’s response indicates that the resource is accessible, the browser allows the request to proceed. Otherwise, the request is blocked, and an error is returned to the JavaScript code attempting to access the resource.

cors

CORS is an important security measure for modern web applications that rely on making requests to third-party APIs or services, as it helps to protect user data and prevent unauthorized access.

We Can allow cors from nodejs app :

const express = require (' express');
const app  = express();

const cors = require('cors')

app.use(cors({ origin: 'https://foo.com'
}));

app.get('/', (req, res) => {res.send('CORS solved')
}) 

Recent Post