What is CORS? | Cross-Origin Resource Sharing | CORS Explained!
ฝัง
- เผยแพร่เมื่อ 6 ก.ย. 2024
- #web_security #cors #sop #csrf
Understanding Cross-Origin Resource Sharing is essential if you’re a web developer or want to understand the browser security model. Cross-origin Resource Sharing is a way to relax the SOP, Same Origin Policy, the security mechanism whereby browsers prevent Cross-Site Request Forgery, or CSRF.
In this video, what is CORS, and Why we need it?. You’ll understand how we can bypass the Same Origin Policy with CORS and how HTTP headers are used to customize CORS implementation.
-------- Video Outline --------
00:09 Browser functionalities and security model
01:07 CSRF attack -- Cross-Site Request Forgery
01:41 Same Origin Policy
02:13 What is an Origin
03:05 CSRF and SOP
04:03 Relaxing SOP
04:41 Introducing CORS
05:17 CORS implementation -- HTTP Headers
06:45 Preflight Request
07:19 CORS in Web Browsers vs CLI client
Resources to know more:
* developer.mozi...
* owasp.org/www-...
Check out more of The TechCave Videos:
* • What is a VPN & How do... - What is a VPN and How does it work? VPNs Explained!
* • What is a Proxy Server... - What is a Proxy Server & How Does it work?
* • The Http and the Web |... - HTTP and The Web
* • APIs | REST | REST API... - REST APIs
* • What is DevOps | Under... - DevOps
* • Web Services - Demysti... - Web Services
* • Software Architecture ... - Software Architecture
Artwork and Illustration: Flaticon.com
Stay Tuned!
CORS is one of my biggest challenges when I teach programming to the beginners and why is this happening and what we can do to bypass it, great video, thank you so much 👌🏻
What a great explanation. You've just demystified why my API call was a) sending two HTTP requests and b) why my JWT header item was being removed in the second one. Thank you!!
I've been dealing with this issue for 2 days now and didn't really understand it until now. Thank you!
i´ve been more than an hour trying to understand this concept with other videos, blogs. This video was my solution! Thanks!
understanding CORS in 5 min is possible!
well done thank you
дякую за зрозуміле пояснення
Thank you for this video ! I finally understood what's behind the concept of CORS 🔥
Thank you very much for this wonderful explanation
This was clearly explained. Thank you
thank you so much, great explanation 👏🏽👏🏽👏🏽
Fantastic explanation. Thanks!
Great video! Thanks very much 🙂
Awesome video thanks for uploading.
Thank you for your kind words!
What a GREAT video on this topic. Bravo!
So the browser is the one enforces CORS, and the resource server is the one that can be setup to relax the restriction.
This nice video make me understand the relationship between CORS and SOP.
Excellent explanation, thank you Sir ♥
Thanks for the video, very helpful!
Nice video on CORS, it's clear that you put a lot of effort into creating a high quality presentation.
great explanation, good job!
Very nicely explained. Clear and on point 🔥
Great walkthrough! Thanks for making this. 🙏
What if I don't what to access or change any data just want to click a button on website A which then clicks or simulate a click on website B and execute a function, does this falls under CORS ?
If not any suggestion on how this can be done?
Great work! Awesome content as always❤
The video is great, mate!
can you explain important of CORS for client server
Nice! Thanks
This was an amazing explanation! Thank you :)
Great video, very easy to understand with those examples.
This is a really helpful explanation, thanks!
Great explanation. Thank you
Great video! Thanks for this! :)
great explanation
thank you so much
You're welcome!
Thanks!
It just feels like the browser developers want every api developer to feel the pain of the browser dev being accused by some random user of the user's stolen information from a random website. (In which case the browser developer, of course, is not to blame, it's just that users are so stupid.)
henz the reason im looking this up, no companys want to take the blame for my identity theft. yea
You going to fast and your explanation are confusing
Bonzai..!