loading...

re: ✋🏼🔥 CS Visualized: CORS VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Sorry if I'm missing something... But in your very first example: Let’s say we’re trying to fetch some user information on our mywebsite.com webs...
 

You are correct. It's just an intro showing a request that works followed by one that fails. They seem similar, but are being affected by the same-origin policy.

api.website.com has to be returning Access-Control-Allow-Origin: https://www.mywebsite.com since the second example denies the request coming from anotherdomain.com.

code of conduct - report abuse