What is CORS (Cross-Origin Resource Sharing)?
A security mechanism that controls which websites can make requests to your server.
Why It Matters
CORS prevents malicious websites from making unauthorised requests to your API using your users' credentials.
Real-World Example
Configuring your API to only accept requests from your own domain, blocking requests from unknown sites.
“Understanding terms like CORS (Cross-Origin Resource Sharing) matters because it helps you have better conversations with developers and make smarter decisions about your software. You do not need to be technical. You just need to know enough to ask the right questions.”
Learn More at buildDay Melbourne
Want to understand these concepts hands-on? Join our one-day workshop and build a real web application from scratch.
Related Terms
API
A way for different software applications to talk to each other and share data
CSRF (Cross-Site Request Forgery)
An attack that tricks a logged-in user's browser into making unwanted requests to a site they are authenticated with.
Authentication
The process of verifying who someone is, usually through a username and password
Authorisation
Determining what actions or data a verified user is allowed to access
OAuth
A standard that lets you log into apps using your existing accounts from Google, Facebook, or other providers
JWT (JSON Web Token)
A secure digital pass that proves who you are without needing to check the database every time