What is an origin in the context of CORS?
The combination of protocol, domain, and port. http://example.com:80 and https://example.com:443 are different origins. A request from one origin to another is a cross-origin request, which requires CORS.
Verify This Answer
Cross-check this information using these trusted sources:
More FAQs in What Is CORS in JavaScript?
Cross-Origin Resource Sharing. A browser security mechanism that controls when a web page can make requests to a different origin (protocol + domain + port). The server must include Access-Control-Allow-Origin headers to allow cross-origin requests.
A browser security policy that blocks requests to different origins by default. CORS is the mechanism that allows servers to opt-in to cross-origin requests by including specific headers.
Access-Control-Allow-Origin (which origins are allowed), Access-Control-Allow-Methods (which HTTP methods), Access-Control-Allow-Headers (which custom headers), and Access-Control-Allow-Credentials (for cookies).
Still have questions?
Browse all our FAQs or reach out to our support team
