1.

What do you mean by CORS (Cross-Origin Resource Sharing)?

Answer»

CORS refers to cross-origin resource sharing. It's a browser mechanism that allows web pages in one domain to have controlled access to resources in other domains (cross-domain requests). This allows scripts that are run on a browser client to interact with and access resources from other origins. In doing so, it extends and provides greater flexibility to the SOP (Same-Origin Policy). Same-origin policies restrict the ability of a website to access resources outside of its source domain. For example, a JavaScript app that wants to make a call to an API (Application Programming Interface) that runs on another domain will be blocked due to the SOP. A CORS policy was implemented to circumvent restrictions caused by same-origin policies.

In addition, if a website's CORS policy is not configured properly, it may be vulnerable to cross-domain attacks. This means that it cannot stop cross-origin attacks like CSRF (Cross-Site Request Forgery).


