# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" class="external-link" target="_blank">CORS or "Cross-Origin Resource Sharing"</a> refers to the situations when a frontend running in a browser has JavaScript code that communicates with a backend, and the backend is in a different "origin" than the frontend.

## Origin { #origin }

But if you have custom headers that you want a client in a browser to be able to see, you need to add them to your CORS configurations ([CORS (Cross-Origin Resource Sharing)](cors.md){.internal-link target=_blank}) using the parameter `expose_headers` documented in <a href="https://www.starlette.io/middleware/#corsmiddleware" class="external-link" target="_blank">Starlette's CORS docs</a>.

below.

Then type

```sh
kubectl create secret generic tls-ssl-minio --from-file=path/to/private.key --from-file=path/to/public.crt
```

Cross check if the secret is created successfully using

```sh
kubectl get secrets
```

You should see a secret named `tls-ssl-minio`.

## 3. Update deployment yaml file

eb/HTTP/Headers" class="external-link" target="_blank">using the 'X-' prefix</a>.

But if you have custom headers that you want a client in a browser to be able to see, you need to add them to your CORS configurations (read more in [CORS (Cross-Origin Resource Sharing)](../tutorial/cors.md){.internal-link target=_blank}), using the parameter `expose_headers` documented in <a href="https://www.starlette.io/middleware/#corsmiddleware" class="external-link" target="_blank">Starlette's CORS docs</a>....

            assertEquals(0x2, EncryptionNegotiateContext.CIPHER_AES128_GCM);
            assertEquals(0x2, EncryptionNegotiateContext.NEGO_CTX_ENC_TYPE);
        }
    }

    @Nested
    @DisplayName("Cross-Implementation Tests")
    class CrossImplementationTests {

        @Test
        @DisplayName("Should have different context types for different implementations")
        void testDifferentContextTypes() {

* D'obtenir de nombreuses fonctionnalités supplémentaires (grâce à  Starlette) comme :
    * **WebSockets**
    * de tester le code très facilement avec `requests` et `pytest`
    * **<abbr title="Cross-Origin Resource Sharing">CORS</abbr>**
    * **Cookie Sessions**
    * ... et plus encore.

## Performance

    assertThat(cache.hitCount()).isEqualTo(2)
    assertThat(response2.handshake!!.cipherSuite).isEqualTo(
      response1.handshake!!.cipherSuite,
    )
  }

  /**
   * We've had bugs where caching and cross-protocol redirects yield class cast exceptions internal
   * to the cache because we incorrectly assumed that HttpsURLConnection was always HTTPS and

This change fixes a [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) security vulnerability when using cookies for authentication in path operations with JSON payloads sent by browsers.