# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS or "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) refers to the situations when a frontend running in a browser has JavaScript code that communicates with a backend, and the backend is in a different "origin" than the frontend.

## Origin { #origin }

from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware

app = FastAPI()

origins = [
    "http://localhost.tiangolo.com",
    "https://localhost.tiangolo.com",
    "http://localhost",
    "http://localhost:8080",
]

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)


@app.get("/")

     * Headers include allowed origin, methods, headers, max age, and credentials setting.
     *
     * @param origin the origin of the request
     * @param request the servlet request
     * @param response the servlet response to add CORS headers to
     */
    @Override
    public void process(final String origin, final ServletRequest request, final ServletResponse response) {

            logger.debug("Loaded CorsHandler: origin={}", origin);
        }
        handerMap.put(origin, handler);
    }

    /**
     * Gets the CORS handler for the specified origin.
     * If no specific handler is found, returns the wildcard handler.
     *
     * @param origin the origin to look up
     * @return the CORS handler for the origin, or null if none found
     */

        String[] origins = { "https://site1.com", "https://site2.com", "https://site3.com" };

        for (String origin : origins) {
            processCalled = false;
            corsHandler.process(origin, request, response);
            assertTrue("process should be called for " + origin, processCalled);
            assertEquals(origin, processOrigin);
        }
    }

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS oder <abbr title="Ressourcenfreigabe zwischen Ursprüngen">„Cross-Origin Resource Sharing“</abbr>](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) bezieht sich auf Situationen, in denen ein Frontend, das in einem Browser läuft, JavaScript-Code enthält, der mit einem Backend kommuniziert, und das Backend sich in einem anderen „Origin“ als das Frontend befindet.

## Origin { #origin }

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS veya "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS), tarayıcıda çalışan bir frontend’in JavaScript kodunun bir backend ile iletişim kurduğu ve backend’in frontend’den farklı bir "origin"de olduğu durumları ifade eder.

## Origin { #origin }

# CORS (교차-출처 리소스 공유) { #cors-cross-origin-resource-sharing }

[CORS 또는 "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)란, 브라우저에서 실행되는 프론트엔드에 백엔드와 통신하는 JavaScript 코드가 있고, 백엔드가 프론트엔드와 다른 "출처(origin)"에 있는 상황을 의미합니다.

## 출처 { #origin }

출처란 프로토콜(`http`, `https`), 도메인(`myapp.com`, `localhost`, `localhost.tiangolo.com`), 그리고 포트(`80`, `443`, `8080`)의 조합을 의미합니다.

따라서, 아래는 모두 상이한 출처입니다:

* `http://localhost`

api.dashboard.response.headers=Referrer-Policy:strict-origin-when-cross-origin
# Allowed origins for CORS.
api.cors.allow.origin=*
# Allowed HTTP methods for CORS.
api.cors.allow.methods=GET, POST, OPTIONS, DELETE, PUT
# Max age for CORS preflight requests.
api.cors.max.age=3600
# Allowed headers for CORS.
api.cors.allow.headers=Origin, Content-Type, Accept, Authorization, X-Requested-With

# CORS (Partage des ressources entre origines) { #cors-cross-origin-resource-sharing }

[CORS ou « Cross-Origin Resource Sharing »](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) fait référence aux situations où un frontend exécuté dans un navigateur contient du code JavaScript qui communique avec un backend, et où le backend se trouve dans une « origine » différente de celle du frontend.

## Origine { #origin }