Cross-Origin Resource Sharing (CORS)
What requests use CORS?
This cross-origin sharing standard can enable cross-site HTTP requests for:
Web Fonts (for cross-domain font usage in @font-face within CSS), so that servers can deploy TrueType fonts that can only be loaded cross-site and used by web sites that are permitted to do so. WebGL textures. Images/video frames drawn to a canvas using drawImage(). CSS Shapes from images.
Some requests don’t trigger a CORS preflight. Those are called simple requests
A simple request is one that meets all the following conditions: on of these Methods
- Content-Type: ( application/x-www-form-urlencoded | multipart/form-data | text/plain )
If the request is made using an XMLHttpRequest object, no event listeners are registered on the object returned by the XMLHttpRequest.upload property used in the request; that is, given an XMLHttpRequest instance xhr, no code has called xhr.upload.addEventListener() to add an event listener to monitor the upload.
No ReadableStream object is used in the request