For simple CORS requests, the server only needs to add the following header to its response:
There are some more headers and settings involved if you want to support verbs other than GET/POST, custom headers, or authentication. You can learn more about these options in the Using CORS tutorial on HTML5 Rocks.
If you want the TL;DR version, take a look at the flowchart for implementing CORS support.
If you'd like to learn more about implementing CORS for a specific platform, follow one of the links below:
The content on this site stays fresh thanks to help from users like you! If you have suggestions or would like to contribute, fork us on GitHub.
Save 39% on CORS in Action with promotional code hossainco at manning.com/hossain