Software Engineering Institute

Alex Corn discusses how cross-origin resource sharing (CORS) works to resolve network problems caused by same-origin policy, and how it should be configured.

Same-origin policy is a feature of modern web browsers that restricts scripts hosted on one website from making calls to another website. While useful from a security perspective, this policy can restrict certain legitimate use cases in which there is no security threat. The best solution to allow those legitimate cases to function properly is to employ CORS. This Cyber Minute discusses how CORS works and how it should be configured to avoid risk.