Cross-Origin Resource Sharing (CORS)

📄 Table of Contents

Why was the CORS error there in the first place?

How does the same-origin policy work under the hood?

Origin: http://localhost:3000
Access-Control-Allow-Origin: http://localhost:3000
Access-Control-Allow-Origin: *

How does CORS work? #

Step 1: client (browser) request #

Step 2: server response #

Step 3: browser receives response #

Preflight requests for complex HTTP calls #

OPTIONS /data HTTP/1.1
Origin: https://example.com
Access-Control-Request-Method: DELETE
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://example.com
Access-Control-Allow-Methods: GET, DELETE, HEAD, OPTIONS

REST Design — Choosing the Right HTTP Method

GET: Idempotent & Safe

GET /books
GET /books/<title>

Experience with Front-end Technologies and MERN / MEAN Stack. Working on all Major UI Frameworks like React, Angular.