Understanding CORS
The Bridge Between Security and Flexibility
In web development, CORS (Cross-Origin Resource Sharing) is a hassle. But have you ever thought about why it’s there or how it works? Let’s break down what CORS is all about and why it matters for keeping the web secure.
A Problem of Trust
Imagine you’ve logged into your favourite shopping site. Your browser now holds a session token, which tells the website that you’re authorized to make requests on your account. All is well — until you accidentally visit a malicious website that secretly tries to access your account data.
Without safeguards, your browser would unknowingly send that session token to the shopping site on behalf of the malicious site, potentially exposing your personal information. This is the essence of the problem that CORS aims to solve.
SOP: The First Line of Defense
To counter such threats, browsers introduced the Same-Origin Policy (SOP). SOP ensures that web pages can only make requests to their own origin — defined…