CORS Headers

← Back to HTTP Headers

Cross-Origin Resource Sharing headers that control which origins can access resources. Access-Control-Allow-Origin specifies allowed origins, Access-Control-Allow-Methods lists allowed methods, Access-Control-Allow-Headers lists allowed headers. Misconfigured CORS is a common source of frontend bugs and security issues.

networking http security