Cross-Origin Resource Sharing (CORS)
| Document Name: | W3C TR http://www.w3.org/TR/cors |
|---|---|
| Document URI: |
http://www.w3.org/TR/cors
|
| Online Version: |
http://www.w3.org/TR/cors
|
| Organization: | World Wide Web Consortium (W3C) |
| Series: | Technical Report (TR) |
| Abstract: | This document defines a mechanism to enable client-side cross-origin requests. Specifications that enable an API to make cross-origin requests to resources can use the algorithms defined by this specification. If such an API is used on http://example.org resources, a resource on http://hello-world.example can opt in using the mechanism described by this specification (e.g., specifying Access-Control-Allow-Origin: http://example.org as response header), which would allow that resource to be fetched cross-origin from http://example.org. |
Specified Web Concepts:
HTTP Header Fields
Access-Control-Allow-Credentials
,
Access-Control-Allow-Headers
,
Access-Control-Allow-Methods
,
Access-Control-Allow-Origin
,
Access-Control-Expose-Headers
,
Access-Control-Max-Age
,
Access-Control-Request-Headers
,
Access-Control-Request-Method
,
Origin
Return to ( Series | Organization | all Specifications )