Document Name: W3C TR
Document URI:
Online Version:
Organization: World Wide Web Consortium (W3C)
Series: Technical Report (TR)
Abstract: This document defines a mechanism to enable client-side cross-origin requests. Specifications that enable an API to make cross-origin requests to resources can use the algorithms defined by this specification. If such an API is used on resources, a resource on http://hello-world.example can opt in using the mechanism described by this specification (e.g., specifying Access-Control-Allow-Origin: as response header), which would allow that resource to be fetched cross-origin from

Specified Web Concepts:

HTTP Header Fields

Access-Control-Allow-Credentials , Access-Control-Allow-Headers , Access-Control-Allow-Methods , Access-Control-Allow-Origin , Access-Control-Expose-Headers , Access-Control-Max-Age , Access-Control-Request-Headers , Access-Control-Request-Method , Origin

Return to ( Series | Organization | all Specifications )