Cross-origin resource sharing (CORS) topic
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a "preflight" request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch() and XMLHttpRequest follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.
Resource types
- Invocations of
fetch()orXMLHttpRequest - Web Fonts (for cross-domain font usage in
@font-facewithin CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do so - WebGL textures
- Images/video frames drawn to a canvas using
drawImage() - CSS shapes from images
- scripts
- iframes
node-cors-server
A test application that helps illustrate CORS while both in a working state and a non-working state across simple and complex request scenarios.
phalcon-ext
Foundations, adapters, extensions, middlewares and utilities for Phalcon v4
Corser
CORS middleware for Node.js
cors
🔮Supported(Laravel/Lumen/PSR-15/Swoft/Slim/ThinkPHP) - PHP CORS (Cross-origin resource sharing) middleware.
allOrigins
:alien: Pull content from any page as JSON via API
laravel-api-boilerplate-jwt
A Laravel 5.8 API Boilerplate to create a ready-to-use REST API in seconds.
laravel-api-boilerplate-passport
An API Boilerplate to create a ready-to-use REST API in seconds.
CORSflare
A lightweight JavaScript CORS Reverse Proxy designed to run in a Cloudflare Worker.