Web Browser - Cross Origin Request (Cross Site)

> (World Wide) Web - (W3|WWW) > Web - Browser

1 - About

A cross-origin request is a request that doesn't come from the same origin.

A cross-origin request is also known as a:

A request that is not a cross-origin request is a same origin request.


3 - Method

4 - Security

You can prevent bad cross origin request:

5 - Allowed header

Only the following headers are allowed cross domain:

  • Accept
  • Accept-Language
  • Content-Language
  • Last-Event-ID
  • Content-Type

any others cause a CORS Pre-flight request.