Member-only story
Understand the Basics of CORS: A Simple Guide to Cross-Origin Resource Sharing
What is CORS?
Cross-Origin Resource Sharing (CORS) might sound complex, but it’s an important web concept that is actually relatively simple to understand. Imagine that you live in a neighborhood where everyone has their own garden. Now, you might have some delicious apples in your garden, and your neighbor might have some sweet oranges. If you both agree, you might exchange fruits. That’s how you share resources across different gardens, or in web terms, across different origins.
In the web world, CORS is a browser feature that allows a web page from one domain, or origin, to access resources from another domain. A domain is like an online address where websites live. Normally, browsers keep things safe by keeping these domains or origins from mixing. This is known as the same-origin policy. For example, if you’re on www.example.com, by default, you can only use stuff from www.example.com.
But, what if www.example.com wants to use a cool map from maps.anotherexample.com? Here is where CORS comes into play, giving rules for when and how different domains can interact.
The Principles of CORS
Now, let’s look into the main principles behind CORS: