CORS Essentials

CORS Essentials

By : Rajesh Gunasundaram

Buy this Book

CORS Essentials

By: Rajesh Gunasundaram

Buy this Book

Overview of this book

This book explains how to use CORS, including specific implementations for platforms such as Drupal, WordPress, IIS Server, ASP.NET, JBoss, Windows Azure, and Salesforce, as well as how to use CORS in the Cloud on Amazon AWS, YouTube, Mulesoft, and others. It examines limitations, security risks, and alternatives to CORS. It explores the W3C Specification and major developer documentation sources about CORS. It attempts to predict what kinds of extension to the CORS specification, or completely new techniques, will come in the future to address the limitations of CORS Web developers will learn how to share code and assets across domains with CORS. They will learn a variety of techniques that are rather similar in their method and syntax. The book is organized by similar types of framework and application, so it can be used as a reference. Developers will learn about special cases, such as when a proxy is necessary. And they will learn about some alternative techniques that achieve similar goals, and when they may be preferable to using CORS

CORS Essentials

Credits

About the Authors

www.PacktPub.com

Customer Feedback

Preface

Free Chapter

Why You Need CORS

The same-origin policy

Considering the origin of entities

Commonly allowed cross-origin resource sharing

Permissions required by JavaScript

How CORS works – the header and the request

CORS with Preflight

Troubleshooting and debugging CORS

CORS with jQuery

Enabling CORS globally with server configuration

Alternatives to CORS

Summary

Creating Proxies for CORS

Proxies and the World Wide Web

What is a proxy server?

Reasons to use a proxy

Creating a proxy server with Google App Engine

Summary

Usability and Security

CORS usability

Enhancing security in CORS

Summary

CORS in Popular Content Management Frameworks

Incoming CORS requests

CORS in Adobe Experience Manager

Summary

CORS in Windows

Incoming CORS requests

How to set the Access-Control-Allow-Origin header globally in Windows IIS Server

CORS in the ASP.NET Web API

CORS in Windows Communication Foundation

CORS in Windows browsers – Internet Explorer and Edge

Summary

CORS in the Cloud

CORS requests in cloud APIs

CORS in Amazon Simple Storage Service (S3)

Using CORS in Google Cloud Storage

Authenticated access to Google APIs with CORS

CORS in IBM Cloudant

CORS in Windows Azure Storage

CORS in Box API

CORS in the Dropbox API

Summary

References

CORS in Node.js

JavaScript frameworks are very popular

Introduction to Node.js

JavaScript frameworks that work with Node.js

CORS in Express.js

CORS npm for Express.js using Connect.js middleware

CORS in AngularJS

CORS in Backbone.js

Node.js and JavaScript frameworks are evolving rapidly

Summary

References

CORS Best Practices

Enabling API to public CORS requests

Limiting API to allow CORS requests to a whitelisted set of origins

Protecting against cross-site request forgery (CSRF)

Summary

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Incoming CORS requests

Web content management frameworks are often integrated with external platforms, APIs, and services. When the external source is hosted on a different domain, CORS is used to allow requests from the external local domain to the target domain of the web content management framework, without needing a proxy. We will look at techniques for allowing these requests.

When making a CORS request from the web content management framework as the local domain to a different target domain, it is either handled with custom code using the methods we covered in the earlier chapters, or a plugin may implement the headers and methods needed for the requests.

CORS Essentials

By : Rajesh Gunasundaram

CORS Essentials

By: Rajesh Gunasundaram

Overview of this book

Related Content you might be interested in

Current Title:

CORS Essentials

Incoming CORS requests