Cross-Origin Resource Sharing (CORS)
Last updated

Cross-Origin Resource Sharing (CORS)

Cross-Origin Resource Sharing (CORS) is: a mechanism that browsers and webviews, use to restrict HTTP and HTTPS requests made from scripts to resources in a different origin for security purpose to protect your user's data and prevent unwanted attacks

In order to know if an external origin supports CORS, the server has to send some special headers for the browser to allow the requests.

CORS errors are common in web apps when a cross-origin request is made but the server doesn't return the required headers in the response (is not CORS-enabled):

XMLHttpRequest cannot load https://api.example.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access.

So, you must register your CORS URL in menu Developer -> More Menu -> Developer Configuration -> Tab CORS

CORS

Previous page
Next page