🎁 New User? Get 20% off your first purchase with code NEWUSER20 · ⚡ Instant download · 🔒 Secure checkout Register Now →
Menu

Categories

Security Intermediate

What is CORS (Cross-Origin Resource Sharing)?

A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.

CORS extends the same-origin policy to allow controlled cross-domain requests. The server uses HTTP headers (Access-Control-Allow-Origin, Access-Control-Allow-Methods) to specify which origins can access its resources.

Preflight requests (OPTIONS method) check permissions before actual requests for certain request types. CORS issues are common during development when frontend and backend run on different ports. Proper CORS configuration balances security with functionality.

Related Terms

OAuth 2.0
An authorization framework that allows third-party applications to access user resources without sharing passwords.
Principle of Least Privilege
A security principle where users and programs receive only the minimum access rights needed to perform their specific tasks.
Security Hardening
The process of reducing a system's attack surface by disabling unnecessary services, applying patches, and configuring security controls.
Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.
Webhook Signature Verification
A security mechanism that verifies webhook payloads are authentic and unmodified using cryptographic signatures.
Cryptographic Key Management
The practices and procedures for generating, storing, distributing, rotating, and revoking encryption keys securely.
View All Security Terms →