Cross-Origin Resource Sharing (CORS)
Mechanism where servers opt in to cross-origin requests via HTTP headers, enforcing origin-based access controls.
#web#security#headers
Last updated: 2025-09-07T00:00:00.000Z
Differences across sources
Parallel sources use distinct terminology or emphasize different aspects.
Review each citation to understand scope and normative intent.
Evidence
OTHER WHATWG Fetch Standard — CORS Normative evidence
OTHER W3C CORS (historical) Informative evidence
More context
CORS augments the SOP by defining preflight and response headers that explicitly permit cross‑origin requests.