Thursday, November 9, 2017

Cross-origin resource sharing [CORS]

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources (e.g. fonts) on a web page to be requested from another domain outside the domain from which the first resource was served. A web page may freely embed cross-origin images, stylesheets, scripts, iframes, and videos. Certain "cross-domain" requests, notably Ajax requests, however, are forbidden by default by the same-origin security policy.

References:
1.) https://msdn.microsoft.com/en-us/magazine/dn532203.aspx

2.)https://en.wikipedia.org/wiki/Cross-origin_resource_sharing#How_CORS_works


No comments: