Showing posts from August, 2018

cross origin and cors

The browser same origin policy is a security mechanism which restricts how a document loaded from one origin can interact with another origin. For us engineers it means that if you need to make (certain) kinds of requests to a different origin, you need to be aware of the restrictions and how to work around them. See the MDN docs here for an explanation of what is and is not considered same origin.

Some cross origin requests are allowed, such as embedding (images (img), stylesheets, scripts, fonts, iframe), links, redirects and form submissions.

So what to do if you need to make cross origin requests which are restricted? You need to use CORS (cross origin resource sharing). It is an HTTP header mechanism which allows a server to configure origins (other than its own) for which it allows requests. If mydomain.com wants to make an HTTP request to yourdomain.com, then unless yourdomain.com configures CORS that request will fail.

Some HTTP requests are considered "simple" e.g. GET and POST u