Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • CORS Essentials
  • Toc
  • feedback
CORS Essentials

CORS Essentials

By : Gunasundaram
3 (1)
close
CORS Essentials

CORS Essentials

3 (1)
By: Gunasundaram

Overview of this book

This book explains how to use CORS, including specific implementations for platforms such as Drupal, WordPress, IIS Server, ASP.NET, JBoss, Windows Azure, and Salesforce, as well as how to use CORS in the Cloud on Amazon AWS, YouTube, Mulesoft, and others. It examines limitations, security risks, and alternatives to CORS. It explores the W3C Specification and major developer documentation sources about CORS. It attempts to predict what kinds of extension to the CORS specification, or completely new techniques, will come in the future to address the limitations of CORS Web developers will learn how to share code and assets across domains with CORS. They will learn a variety of techniques that are rather similar in their method and syntax. The book is organized by similar types of framework and application, so it can be used as a reference. Developers will learn about special cases, such as when a proxy is necessary. And they will learn about some alternative techniques that achieve similar goals, and when they may be preferable to using CORS
Table of Contents (10 chapters)
close
close
Preface
chevron up
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Free Chapter
1
1. Why You Need CORS
1. Why You Need CORS
The same-origin policy
Considering the origin of entities
Commonly allowed cross-origin resource sharing
Permissions required by JavaScript
How CORS works – the header and the request
CORS with Preflight
Troubleshooting and debugging CORS
CORS with jQuery
Enabling CORS globally with server configuration
Alternatives to CORS
Summary
2
2. Creating Proxies for CORS
2. Creating Proxies for CORS
Proxies and the World Wide Web
What is a proxy server?
Reasons to use a proxy
Creating a proxy server with Google App Engine
Summary
3
3. Usability and Security
3. Usability and Security
CORS usability
Enhancing security in CORS
Summary
4
4. CORS in Popular Content Management Frameworks
4. CORS in Popular Content Management Frameworks
Incoming CORS requests
SAAS or self-hosted?
CORS in WordPress
CORS in Drupal
CORS in Joomla!
CORS in Adobe Experience Manager
Summary
5
5. CORS in Windows
5. CORS in Windows
Incoming CORS requests
How to set the Access-Control-Allow-Origin header globally in Windows IIS Server
CORS in the ASP.NET Web API
CORS in Windows Communication Foundation
CORS in Windows browsers – Internet Explorer and Edge
Summary
6
6. CORS in the Cloud
6. CORS in the Cloud
CORS requests in cloud APIs
CORS in Amazon Simple Storage Service (S3)
Using CORS in Google Cloud Storage
Authenticated access to Google APIs with CORS
CORS in IBM Cloudant
CORS in Windows Azure Storage
CORS in Box API
CORS in the Dropbox API
Summary
References
7
7. CORS in Node.js
7. CORS in Node.js
JavaScript frameworks are very popular
Introduction to Node.js
JavaScript frameworks that work with Node.js
CORS in Express.js
CORS npm for Express.js using Connect.js middleware
CORS in AngularJS
CORS in Backbone.js
Node.js and JavaScript frameworks are evolving rapidly
Summary
References
8
8. CORS Best Practices
8. CORS Best Practices
Enabling API to public CORS requests
Limiting API to allow CORS requests to a whitelisted set of origins
Protecting against cross-site request forgery (CSRF)
Summary
9
Index
Index

What this book covers

Chapter 1, Why You Need CORS, discusses the same-origin policy, which limits sharing resources across domains; granting access to CORS requests by setting headers; different ways to add more security; understanding preflight requests to prepare for some types of CORS methods and events; and alternatives to CORS.

Chapter 2, Creating Proxies for CORS, discusses what a Proxy Server is and various reasons to use a Proxy, different types of Proxy Servers, and reverse proxis in Node.js with CORS anywhere.

Chapter 3, Usability and Security, discusses CORS and XDomainRequest, detecting AJAX support in the browser, using preflight to ensure usability and improve security, handling access-control-allow-origin header with and without the wildcard, HTTP request and response headers for usability and security, CORS requests with credentials, and setting and reading cookies, and CORS security cheat sheet by OWASP.

Chapter 4, CORS in Popular Content Management Frameworks, discusses how to enable CORS in WordPress, Drupal, Joomla!, and Adobe Experience Manager (AEM).

Chapter 5, CORS in Windows, discusses implementing CORS on the Windows platform. The Windows platform includes IIS, ASP.NET Web API applications, and Windows Communication Foundation.

Chapter 6, CORS in the Cloud, discusses using CORS in cloud computing services such as Amazon Simple Storage Service (S3), Google Cloud Storage, IBM Cloudant, Windows Azure Storage, the Box.com API, and the Dropbox API.

Chapter 7, CORS in Node.js, discusses the Node.js platform and using CORS in JavaScript frameworks such as ReactJS, Ember.js, and Socket.IO, with examples based on the fundamentals of CORS with allowed origin(s), methods, and headers.

Chapter 8, CORS Best Practices, discusses best practices in enabling API-to-public CORS requests, limiting the API to allow CORS requests to a whitelisted set of origins, protecting against cross-site request forgery (CSRF), and minimizing preflight requests.

Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete