Cross-Origin Resource Sharing (CORS) is a mechanism that permits loading resources on other origins, such as a domain, protocol, or port, via HTTP headers.
CORS grants these permissions via policies, which specify the approved origin and the match type, which sets the
Access-Control-Allow-Origin header if the client’s origin matches the value you provide.
CORS checks if the server permits a request using a ‘preflight request’. In short, CORS defines how a browser and server can interact in order to safely send a cross-origin request (COR).
To learn more about configuring CORS, see How to Configure CORS Policies in App Platform.
Client web applications loaded in one domain can interact with resources in a Space with Cross-Origin Resource Sharing (CORS) configured, see How to Configure CORS Policies in Spaces.