Cross-Origin Resource Sharing (CORS)

• Say, web site a.com has some data that b.com site wants to access.
• Web browser's same origin policy won't allow that happen.
• If a.com supports CORS requests (that are made by sites like b.com) by adding a few special response headers, b.com can access the data.
• CORS (Cross-Origin Resource Sharing) is a W3C spec that allows cross-browser communication from the browser. By building on top of the XMLHttpRequest object, CORS allows developers to work with the same idioms as same-domain requests. Read more in this html5rocks tutorial by Monsur Hossain!