Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cross-origin resource sharing
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Dmitry Zhlobo
July 02, 2015
Programming
81
1
Share
Cross-origin resource sharing
Dmitry Zhlobo
July 02, 2015
More Decks by Dmitry Zhlobo
See All by Dmitry Zhlobo
Growing Rails Apps
dimazhlobo
1
160
Rails: The Good Parts
dimazhlobo
2
140
Ethereum Smart Contracts For Developers
dimazhlobo
0
120
Elasticsearch Introduction
dimazhlobo
0
760
Ruby Code Analisis
dimazhlobo
7
860
Other Decks in Programming
See All in Programming
UIの境界線をデザインする | React Tokyo #15 メイントーク
sasagar
2
400
(Re)make Regexp in Ruby: Democratizing internals for the JIT
makenowjust
3
890
CursorとClaudeCodeとCodexとOpenCodeを実際に比較してみた
terisuke
1
500
属人化しないコード品質の作り方_2026.04.07.pdf
muraaano
0
270
🦞OpenClaw works with AWS
licux
1
310
10 Tips of AWS ~Gen AI on AWS~
licux
5
500
Kingdom of the Machine
yui_knk
2
1.2k
Firefoxにコントリビューションして得られた学び
ken7253
0
110
クラウドネイティブなエンジニアに向ける Raycastの魅力と実際の活用事例
nealle
2
230
実用!Hono RPC2026
yodaka
2
280
Surviving Black Friday: 329 billion requests with Falcon!
ioquatix
0
2k
How We Practice Exploratory Testing in Iterative Development( #scrumniigata ) / 反復開発の中で、探索的テストをどう実施しているか
teyamagu
PRO
0
140
Featured
See All Featured
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
170
The Mindset for Success: Future Career Progression
greggifford
PRO
0
320
Rails Girls Zürich Keynote
gr2m
96
14k
A Guide to Academic Writing Using Generative AI - A Workshop
ks91
PRO
1
280
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Optimizing for Happiness
mojombo
378
71k
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.4k
Claude Code のすすめ
schroneko
67
220k
The Spectacular Lies of Maps
axbom
PRO
1
720
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
10
1.1k
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
62
53k
Collaborative Software Design: How to facilitate domain modelling decisions
baasie
1
200
Transcript
CORS Cross-origin resource sharing
Whitelist • <script> • <img> • <iframe> • <embed>
But XMLHttpRequest
XSS
Same origin
What to do? • WebSockets • Cross-document messaging • JSONP
• CORS
JSONP <script src=“http://otherdomain.com/test.json"> callback({"how" : "it works"})
CORS OPTIONS /test.json Host: example.com Origin: http://sbdmn.example.com Access-Control-Allow-Origin: http://sbdmn.example.com Access-Control-Allow-Methods:
GET, POST
CORS • Request: • Origin • Access-Control-Request-Method • Access-Control-Request-Headers •
Response: • Access-Control-Allow-Origin • Access-Control-Allow-Credentials • Access-Control-Expose-Headers • Access-Control-Max-Age • Access-Control-Allow-Methods • Access-Control-Allow-Headers
Questions?
dimazhlobo
sasagar
makenowjust
terisuke
muraaano
licux
yui_knk
ken7253
nealle
yodaka
ioquatix
teyamagu
sabderemane
greggifford
gr2m
ks91
marcelosomers
mojombo
ipullrank
schroneko
axbom
addyosmani
madoxten
baasie
