# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS veya "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS), tarayıcıda çalışan bir frontend’in JavaScript kodunun bir backend ile iletişim kurduğu ve backend’in frontend’den farklı bir "origin"de olduğu durumları ifade eder.

## Origin { #origin }

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS or "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) refers to the situations when a frontend running in a browser has JavaScript code that communicates with a backend, and the backend is in a different "origin" than the frontend.

## Origin { #origin }

	referrerPolicy := env.Get(EnvBrowserReferrerPolicy, kvs.GetWithDefault(browserReferrerPolicy, DefaultKVS))
	switch referrerPolicy {
	case "no-referrer", "no-referrer-when-downgrade", "origin", "origin-when-cross-origin", "same-origin", "strict-origin", "strict-origin-when-cross-origin", "unsafe-url":
		cfg.ReferrerPolicy = referrerPolicy
	default:
		return cfg, fmt.Errorf("invalid value %v for %s", referrerPolicy, browserReferrerPolicy)
	}

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORS o "Cross-Origin Resource Sharing"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) se refiere a situaciones en las que un frontend que se ejecuta en un navegador tiene código JavaScript que se comunica con un backend, y el backend está en un "origen" diferente al frontend.

## Origen { #origin }

# CORS (Partage des ressources entre origines) { #cors-cross-origin-resource-sharing }

[CORS ou « Cross-Origin Resource Sharing »](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) fait référence aux situations où un frontend exécuté dans un navigateur contient du code JavaScript qui communique avec un backend, et où le backend se trouve dans une « origine » différente de celle du frontend.

## Origine { #origin }

     * Headers include allowed origin, methods, headers, max age, and credentials setting.
     *
     * @param origin the origin of the request
     * @param request the servlet request
     * @param response the servlet response to add CORS headers to
     */
    @Override
    public void process(final String origin, final ServletRequest request, final ServletResponse response) {

    this.supportsFastOffset = supportsFastOffset;
  }

  /**
   * Returns, conceptually, "origin + distance", or equivalently, the result of calling {@link
   * #next} on {@code origin} {@code distance} times.
   */
  C offset(C origin, long distance) {
    C current = origin;
    checkNonnegative(distance, "distance");
    for (long i = 0; i < distance; i++) {
      current = next(current);

    public static final String SAME_ORIGIN = "same-origin";
    public static final String ORIGIN = "origin";
    public static final String STRICT_ORIGIN = "strict-origin";
    public static final String ORIGIN_WHEN_CROSS_ORIGIN = "origin-when-cross-origin";
    public static final String STRICT_ORIGIN_WHEN_CROSS_ORIGIN = "strict-origin-when-cross-origin";
    public static final String UNSAFE_URL = "unsafe-url";
  }

    }

    // Test with valid Origin and CorsHandler found (non-OPTIONS request)
    @Test
    public void test_doFilter_withCorsHandler_nonOptions() throws IOException, ServletException {
        String origin = "http://example.com";
        mockRequest.setHeader("Origin", origin);
        mockRequest.setMethod("GET");
        TestCorsHandler handler = new TestCorsHandler();
        corsHandlerFactory.setHandler(handler);

    }

    @Test
    public void test_add_and_get_specificOrigin() {
        // Setup
        String origin = "https://example.com";
        TestCorsHandler handler = new TestCorsHandler("example-handler");

        // Execute
        corsHandlerFactory.add(origin, handler);
        CorsHandler result = corsHandlerFactory.get(origin);

        // Verify
        assertNotNull(result);
        assertEquals(handler, result);