# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS or "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) refers to the situations when a frontend running in a browser has JavaScript code that communicates with a backend, and the backend is in a different "origin" than the frontend.

## Origin { #origin }

        // Execute
        corsHandlerFactory.add(origin1, handler1);
        corsHandlerFactory.add(origin2, handler2);
        corsHandlerFactory.add(origin3, handler3);

        // Verify
        assertEquals(handler1, corsHandlerFactory.get(origin1));
        assertEquals(handler2, corsHandlerFactory.get(origin2));
        assertEquals(handler3, corsHandlerFactory.get(origin3));
    }

    @Test

    public static final String SAME_ORIGIN = "same-origin";
    public static final String ORIGIN = "origin";
    public static final String STRICT_ORIGIN = "strict-origin";
    public static final String ORIGIN_WHEN_CROSS_ORIGIN = "origin-when-cross-origin";
    public static final String STRICT_ORIGIN_WHEN_CROSS_ORIGIN = "strict-origin-when-cross-origin";
    public static final String UNSAFE_URL = "unsafe-url";
  }

    }

    // Test with different origin formats
    @Test
    public void test_doFilter_differentOrigins() throws Exception {
        String[] origins = { "http://localhost:8080", "https://example.com", "http://subdomain.example.com", "https://example.com:3000" };

        for (String origin : origins) {
            resetMocks(); // Reset for each test
            mockRequest.setHeader("Origin", origin);

        return True
    origin = get_origin(annotation)
    if origin is Union or origin is UnionType:
        for arg in get_args(annotation):
            if lenient_issubclass(arg, UploadFile):
                return True
    return False


def is_bytes_sequence_annotation(annotation: Any) -> bool:
    origin = get_origin(annotation)
    if origin is Union or origin is UnionType:
        at_least_one = False

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORSまたは「Cross-Origin Resource Sharing」](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) は、ブラウザで実行されているフロントエンドにバックエンドと通信するJavaScriptコードがあり、そのバックエンドがフロントエンドとは異なる「オリジン」にある状況を指します。

## オリジン { #origin }

オリジンはプロトコル (`http`、`https`) とドメイン (`myapp.com`、`localhost`、`localhost.tiangolo.com`) とポート (`80`、`443`、`8080`) の組み合わせです。

したがって、以下はすべて異なるオリジンです:

* `http://localhost`

        String[] origins = { "https://site1.com", "https://site2.com", "https://site3.com" };

        for (String origin : origins) {
            processCalled = false;
            corsHandler.process(origin, request, response);
            assertTrue("process should be called for " + origin, processCalled);
            assertEquals(origin, processOrigin);
        }
    }

中间件响应两种特定类型的 HTTP 请求...

### CORS 预检请求 { #cors-preflight-requests }

这是些带有 `Origin` 和 `Access-Control-Request-Method` 请求头的 `OPTIONS` 请求。

在这种情况下，中间件将拦截传入的请求并进行响应，出于提供信息的目的返回一个使用了适当的 CORS headers 的 `200` 或 `400` 响应。

### 简单请求 { #simple-requests }

任何带有 `Origin` 请求头的请求。在这种情况下，中间件将像平常一样传递请求，但是在响应中包含适当的 CORS headers。

## 更多信息 { #more-info }

     *     service is the origin of the stream. When zero, the origin is specified in the `origin`
     *     parameter.
     * @param origin when present, the [origin](http://tools.ietf.org/html/rfc6454) is typically
     *     represented as a combination of scheme, host and port. When empty, the origin is that of
     *     the `streamId`.

  direction: ltr;
}

.termy [data-termynal] {
  white-space: pre-wrap;
}

.termy .linenos {
  display: none;
}

/* External links: detected by JS comparing origin to site origin
   JS sets data-external-link on links pointing outside the site
   Skip image links, .no-link-icon, and .announce-link */
a[data-external-link]:not(:has(img)):not(.no-link-icon):not(.announce-link) {