About CORS(1)
This is an article about Cross-Origin Resource Sharing (CORS).
CORS Basic Sequence of Events
- the client passes the Origin in the HTTP request header (where Origin consists of protocol, host, and port, indicating the domain from which the request is being sent).
- The server sends Access-Control-Allow-Origin in the response header to the client.
- It sends down the value ‘origin allowed to access this resource’.
- When the browser receives the response from the server, it compares the client and server origin.
- If they are invalid, it discards the response without using it (raising a CORS error)
Assuming the situation
You need to fetch data from an external URL, such as an Open API.
Solution
We need to get the information from BE via server-to-server communication, rewrite it into an API for our service, and send it to FE. FE exposes the data.
Why do we need CORS?
We’ll cover that in part 2. Link