1
Q
What is CORS. Why isn’t it a security feature
A
Cross origin request policy is a way to relax the same origin policy of the browsers. It doesn’t protect from XSS. Information can still be stolen.
Api doesn’t get protected. It sends response but browser blocks it and returns error if cross site.
Cors only work is browser supports it.
API Study Notes
flashcards
Decks in class (8)
# Cards
