About this Book

The idea behind CORS is simple: allow one site to make a request to another. It’s a fairly trivial thing to do from most programming languages. So why does there need to be a book about it?

Hidden behind this simple idea are a lot of complex concepts. While other programming languages have no restrictions on HTTP requests, things are different in a browser, where the browser’s same-origin policy prevents requests from different sites. CORS must balance the need to enable cross-origin requests while preserving the same-origin policy for sites that don’t use CORS.

Also, CORS has both a client- and a server-side component. For a cross-origin request to succeed, the client and the server must be in agreement. This is different ...

Get CORS in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.