In the previous section, we discussed allowing all the origins to access the resources available from different origins. We only need to enable such options if the resource needs to be served publicly to any domain from the API service. Otherwise, it is good practice to allow CORS requests only to the whitelisted set of origins. This can be achieved by replacing the wildcard (*) and adding the specific set of origins that are allowed to access the resources from the API.
CORS Essentials
By :
CORS Essentials
By:
Overview of this book
This book explains how to use CORS, including specific implementations for platforms such as Drupal, WordPress, IIS Server, ASP.NET, JBoss, Windows Azure, and Salesforce, as well as how to use CORS in the Cloud on Amazon AWS, YouTube, Mulesoft, and others. It examines limitations, security risks, and alternatives to CORS. It explores the W3C Specification and major developer documentation sources about CORS. It attempts to predict what kinds of extension to the CORS specification, or completely new techniques, will come in the future to address the limitations of CORS
Web developers will learn how to share code and assets across domains with CORS. They will learn a variety of techniques that are rather similar in their method and syntax. The book is organized by similar types of framework and application, so it can be used as a reference. Developers will learn about special cases, such as when a proxy is necessary. And they will learn about some alternative techniques that achieve similar goals, and when they may be preferable to using CORS
Related Content you might be interested in
Current Title:
CORS Essentials
No titles found
Table of Contents (15 chapters)
CORS Essentials
Credits
About the Authors
www.PacktPub.com
Customer Feedback
Preface
Free Chapter
Why You Need CORS
Creating Proxies for CORS
Usability and Security
CORS in Popular Content Management Frameworks
CORS in Windows
CORS in the Cloud
CORS in Node.js
CORS Best Practices
Index
Customer Reviews