# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS or "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) refers to the situations when a frontend running in a browser has JavaScript code that communicates with a backend, and the backend is in a different "origin" than the frontend.

## Origin { #origin }

from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware

app = FastAPI()

origins = [
    "http://localhost.tiangolo.com",
    "https://localhost.tiangolo.com",
    "http://localhost",
    "http://localhost:8080",
]

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)


@app.get("/")

     * Headers include allowed origin, methods, headers, max age, and credentials setting.
     *
     * @param origin the origin of the request
     * @param request the servlet request
     * @param response the servlet response to add CORS headers to
     */
    @Override
    public void process(final String origin, final ServletRequest request, final ServletResponse response) {

            logger.debug("Loaded CorsHandler: origin={}", origin);
        }
        handerMap.put(origin, handler);
    }

    /**
     * Gets the CORS handler for the specified origin.
     * If no specific handler is found, returns the wildcard handler.
     *
     * @param origin the origin to look up
     * @return the CORS handler for the origin, or null if none found
     */

        String[] origins = { "https://site1.com", "https://site2.com", "https://site3.com" };

        for (String origin : origins) {
            processCalled = false;
            corsHandler.process(origin, request, response);
            assertTrue("process should be called for " + origin, processCalled);
            assertEquals(origin, processOrigin);
        }
    }

        // Execute
        corsHandlerFactory.add(origin1, handler1);
        corsHandlerFactory.add(origin2, handler2);
        corsHandlerFactory.add(origin3, handler3);

        // Verify
        assertEquals(handler1, corsHandlerFactory.get(origin1));
        assertEquals(handler2, corsHandlerFactory.get(origin2));
        assertEquals(handler3, corsHandlerFactory.get(origin3));
    }

    @Test

    }

    // Test with different origin formats
    @Test
    public void test_doFilter_differentOrigins() throws Exception {
        String[] origins = { "http://localhost:8080", "https://example.com", "http://subdomain.example.com", "https://example.com:3000" };

        for (String origin : origins) {
            resetMocks(); // Reset for each test
            mockRequest.setHeader("Origin", origin);

cluster_deadline                (duration)  set the deadline for cluster readiness check (default: '10s')
cors_allow_origin               (csv)       set comma separated list of origins allowed for CORS requests (default: '*')
remote_transport_deadline       (duration)  set the deadline for API requests on remote transports while proxying between federated instances e.g. "2h" (default: '2h')

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS oder <abbr title="Ressourcenfreigabe zwischen Ursprüngen">„Cross-Origin Resource Sharing“</abbr>](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) bezieht sich auf Situationen, in denen ein Frontend, das in einem Browser läuft, JavaScript-Code enthält, der mit einem Backend kommuniziert, und das Backend sich in einem anderen „Origin“ als das Frontend befindet.

## Origin { #origin }

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS veya "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS), tarayıcıda çalışan bir frontend’in JavaScript kodunun bir backend ile iletişim kurduğu ve backend’in frontend’den farklı bir "origin"de olduğu durumları ifade eder.

## Origin { #origin }