Have you ever come across CORS errors while you're developing web sites and web applications? If yes, I feel you. You're not alone. And if you haven't yet, you may get them in the future.
So in this article, I will explain what CORS(Cross-Origin Resource Sharing) is, what causes this problem, and hopefully how to fix the issues.
What is Same-Origin Policy?
Same-Origin Policy, also known as SOP, prohibits scripts or documents loaded from one origin from connecting to resources from another origin for web security reasons.
A quick reminder of what an origin is!
An origin is defined by scheme, hostname, and port of the URL, which means that they are the same origin when sharing the same scheme, hostname, and port.
Assume you visit a website whilst you're logged into some social media account, a single JavaScript file on that website could do tons of things, such as enabling it to access your private messages. In short, Same-Origin Policy was developed in order to prevent such attacks and to protect your information.
What was SOP's issue?
Despite the importance of Same-Origin Policy I mentioned above, people needed to find new technologies as AJAX started to be developed and spread throughout the world so that we can call APIs from different origins. To straight to the point, this is where Cross-Origin Resource Sharing comes into picture.
Top comments (0)