# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" class="external-link" target="_blank">CORS o "Cross-Origin Resource Sharing"</a> se refiere a situaciones en las que un frontend que se ejecuta en un navegador tiene código JavaScript que se comunica con un backend, y el backend está en un "origen" diferente al frontend.

## Origen { #origin }

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" class="external-link" target="_blank">Понятие CORS или "Cross-Origin Resource Sharing"</a> относится к ситуациям, при которых запущенный в браузере фронтенд содержит JavaScript-код, который взаимодействует с бэкендом, находящимся на другом "источнике" ("origin").

## Источник { #origin }

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" class="external-link" target="_blank">CORS or "Cross-Origin Resource Sharing"</a> refers to the situations when a frontend running in a browser has JavaScript code that communicates with a backend, and the backend is in a different "origin" than the frontend.

## Origin { #origin }

* request body: request body (do not translate to "cuerpo de la petición")
* response body: response body (do not translate to "cuerpo de la respuesta")
* cross domain: cross domain (do not translate to "dominio cruzado")
* cross origin: cross origin (do not translate to "origen cruzado")
* plugin: plugin (do not translate to "complemento" or "extensión")
* plug-in: plug-in (do not translate to "complemento" or "extensión")

* autocomplete: autocompletar
* autocompletion: preenchimento automático
* bug: bug
* context manager: gerenciador de contexto
* cross domain: cross domain (do not translate to "domínio cruzado")
* cross origin: cross origin (do not translate to "origem cruzada")
* Cross-Origin Resource Sharing: Cross-Origin Resource Sharing (do not translate to "Compartilhamento de Recursos de Origem Cruzada")

│   ├── user/                  # User index
│   ├── exbhv/                 # Extended behaviors (repositories)
│   └── exentity/              # Extended entities (domain models)
├── helper/                    # Cross-cutting utilities
├── crawler/                   # Crawling engine
├── sso/                       # SSO implementations
└── ds/                        # Data store connectors

src/main/resources/

  /**
   * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP">{@code
   * Cross-Origin-Embedder-Policy}</a> header field name.
   *
   * @since 30.0
   */
  public static final String CROSS_ORIGIN_EMBEDDER_POLICY = "Cross-Origin-Embedder-Policy";

  /**
   * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP-RO">{@code
   * Cross-Origin-Embedder-Policy-Report-Only}</a> header field name.

/// tip

请记住可以 <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers" class="external-link" target="_blank">用'X-' 前缀</a>添加专有自定义请求头.

但是如果你想让浏览器中的客户端看到你的自定义请求头, 你需要把它们加到 CORS 配置 ([CORS (Cross-Origin Resource Sharing)](cors.md){.internal-link target=_blank}) 的 `expose_headers` 参数中,在 <a href="https://www.starlette.dev/middleware/#corsmiddleware" class="external-link" target="_blank">Starlette's CORS docs</a>文档中.

///

ocs/Web/HTTP/Headers" class="external-link" target="_blank">при помощи префикса 'X-'</a>.

Если же вы хотите добавить собственные заголовки, которые клиент сможет увидеть в браузере, то вам потребуется добавить их в настройки CORS ([CORS (Cross-Origin Resource Sharing)](cors.md){.internal-link target=_blank}), используя параметр `expose_headers`, см. документацию <a href="https://www.starlette.dev/middleware/#corsmiddleware" class="external-link" target="_blank">Starlette's CORS docs</a>....