Garry Shutler

Robust software engineering and organisation

Cross-site XmlHttpRequest With CORS

I was working on a personal project over the Christmas period and wanted to make cross-site requests from an AJAX client to an API.

As the client and the API were hosted on different domains they violated the same origin policy implemented by almost all browsers. Modern browsers allow cross-site AJAX requests if the API allows cross-origin resource sharing (CORS).

The resources I found at the time on this were a little bare on details but I managed to piece it together and get something working. I was planning on writing a blog post about how to do it but now I know all the terminology I came across this complete article that explains CORS very well, linking to several useful resources.