Understanding CORS - Cross-Origin Resource Sharing

Understanding CORS - Cross-Origin Resource Sharing

If you ever worked with an AJAX call, you are probably familiar with the following error displayed in browser console:

[…]

If you explicitly want to add cookies, custom headers and other features making the request not longer a “simple request”, and the server does not respond properly, the request will not be sent.

CORS uses a few HTTP headers — both in request and response — but the ones you must understand in order to be able to continue working are:

[…]

Similarly, this response should contain a list of headers that will be present in the actual response to the call and should be made available to the client. All other headers will be restricted.

[…]