CORS in Action

DESCRIPTION Most web developers have encountered the "same-origin" policy enforced by all browsers—pages and applications can't access data from domains other than the one that serves them. This limitation means that complex server-side code is needed in order to share data between different domains. CORS, Cross-Origin Resource Sharing, is a new web standard that provides a safe method for cross-domain access.   CORS in Action introduces Cross-Origin Resource Sharing from both the server and the client perspective. It starts with the basics: making CORS requests and implementing CORS on the server. It then explores key details such as performance, debugging, and security. API authors learn how CORS opens APIs to a wider range of users. JavaScript developers will find valuable techniques for building rich web apps that can take advantage of APIs hosted anywhere. The techniques described in this book are especially applicable to mobile environments, where browsers are guaranteed to support CORS.   RETAIL SELLING POINTS CORS from the ground up Best practices for building CORS APIs Explains different cross-origin technologies CORS security   AUDIENCE This book is written for web developers with a working knowledge of JavaScript. No CORS experience is required.   ABOUT THE TECHNOLOGY CORS is a good fit for mobile technology and is the cornerstone of building open web APIs. Traditionally, web developers would have to add a server-side component to their web apps in order to access APIs. CORS allows the entire web application, including API access to reside inside JavaScript and the browser.