Cross-origin resource sharing (CORS)
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a "preflight" request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch() and XMLHttpRequest follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.
Resource types
- Invocations of
fetch()orXMLHttpRequest
- Web Fonts (for cross-domain font usage in
@font-facewithin CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do so
- WebGL textures
- Images/video frames drawn to a canvas using
drawImage()
- CSS shapes from images
- scripts
- iframes
Here are 109 public repositories matching this topic...
Spring Boot 脚手架 Mybatis Spring Security JWT 权限 Spring Cache + Redis
-
Updated
Mar 22, 2019 - Java
Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.
-
Updated
Nov 28, 2024 - Java
📚 本仓库是技术专栏的【大本营】,你可以收藏/fork/star来获取最新内容
-
Updated
Jun 5, 2022 - Java
Provides support for configuring various http headers that are important for web services.
-
Updated
Feb 24, 2025 - Java
-
Updated
May 10, 2018 - Java
Client-Side & Server-Side (Java) sample for Cross-Origin Resource Sharing (CORS).
-
Updated
Oct 13, 2020 - Java
springboot代码生成器,主要用于对spring-boot项目进行增强,包含日志配置,异常统一处理,跨域设置,jackson序列化,MybatisPlus,xss攻击等
-
Updated
Apr 30, 2022 - Java
-
Updated
Jun 9, 2024 - Java
JWT CORS Angular Spring Boot ACL Security Authentication example
-
Updated
May 13, 2018 - Java
This tool build for test Cross Origin Sharing vulnerabilities
-
Updated
Jun 18, 2022 - Java
The Hotel Management API implements a complex domain model flow to book a hotel room. The flow simulates a real world application in terms of having a variety of booking options and business rules.
-
Updated
Dec 16, 2021 - Java
Spring Boot Security with Azure B2C: Using Azure B2C to secure Restful API (Part 1) and (Part 2). Learn more: https://www.lionmint.com/en/spring-boot-security-with-azure-b2c-1/
-
Updated
Feb 5, 2019 - Java
📚 ✔️ Repositório com o código fonte desenvolvido durante o acompanhamento das aulas do curso "Spring boot e spring MVC com spring security", presente na plataforma de ensino Udemy.
-
Updated
Aug 23, 2020 - Java
Capacitor plugin to bypass CORS & same origin policy for iframe.
-
Updated
Jul 18, 2023 - Java
Game List API é uma API com a proposta de que se possa gerenciar listas de jogos previamente cadastrados. Utilizando os recursos do framework Spring para web do Java em conjunto com outras ferramentas como: Spring Web, Spring Data JPA e banco de dados como MySQL e H2 Database, nos quais são utilizados para ambientes de desenvolvimentos específicos.
-
Updated
Aug 19, 2024 - Java
ZeroProxy is a multi target http/websocket proxy.
-
Updated
Oct 1, 2018 - Java
Boilerplate for Spring Boot 3(CORS, JPA/QueryDsl setting, Basic/OAuth2 Login and User Management)
-
Updated
Oct 27, 2024 - Java
Example Package
-
Updated
Dec 29, 2018 - Java
Configure CORS in a Spring Boot REST application to make it accessible from a frontend application such as React or Angular.
-
Updated
Aug 9, 2022 - Java
Created by WHATWG, Matt Oshry, Brad Porter, Michael Bodell, Tellme Networks
Released May 2006
- Followers
- 13 followers
- Website
- fetch.spec.whatwg.org/#http-cors-protocol
- Wikipedia
- Wikipedia