InterviewSolution
Saved Bookmarks
InterviewSolution
| 1. |
What is Cross-Origin Resource Sharing (CORS) and why is it important? |
|
Answer» Cross-Origin Resource SHARING (CORS) is a browser mechanism that ENABLES web pages from one domain to have controlled access to resources that are located outside the given domain (cross-domain request). It allows a client browser to interact with, and access resources from servers in other domains, also known as origins. It provides and extends flexibility to the Same-Origin Policy, which restricts a WEBSITE's ability to access resources outside its source domain. JavaScript can only MAKE calls to URLS on the same origin as the location where the script is running, due to the “Same Origin Policy” followed. Without enabling CORS, there will be restrictions in accessing resources on different origins. If a website’s CORS policy is not set up properly, it poses a risk of cross-domain attacks, and cannot prevent cross-origin attacks such as Cross-Site Request Forgery (CSRF). |
|