What is CORS? | Cross-Origin Resource Sharing | CORS Explained!

Подписаться 40 тыс.

Просмотров 62 тыс.

50% 1

#web_security #cors #sop #csrf
Understanding Cross-Origin Resource Sharing is essential if you’re a web developer or want to understand the browser security model. Cross-origin Resource Sharing is a way to relax the SOP, Same Origin Policy, the security mechanism whereby browsers prevent Cross-Site Request Forgery, or CSRF.
In this video, what is CORS, and Why we need it?. You’ll understand how we can bypass the Same Origin Policy with CORS and how HTTP headers are used to customize CORS implementation.
-------- Video Outline --------
00:09 Browser functionalities and security model
01:07 CSRF attack -- Cross-Site Request Forgery
01:41 Same Origin Policy
02:13 What is an Origin
03:05 CSRF and SOP
04:03 Relaxing SOP
04:41 Introducing CORS
05:17 CORS implementation -- HTTP Headers
06:45 Preflight Request
07:19 CORS in Web Browsers vs CLI client
Resources to know more:
* developer.mozilla.org/en-US/d...
* owasp.org/www-project-web-sec...
Check out more of The TechCave Videos:
* • What is a VPN & How do... - What is a VPN and How does it work? VPNs Explained!
* • What is a Proxy Server... - What is a Proxy Server & How Does it work?
* • The Http and the Web |... - HTTP and The Web
* • APIs | REST | REST API... - REST APIs
* • What is DevOps | Under... - DevOps
* • Web Services - Demysti... - Web Services
* • Software Architecture ... - Software Architecture
Artwork and Illustration: Flaticon.com
Stay Tuned!

Наука

Опубликовано:

19 май 2021

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 44

@tarmeez Год назад

CORS is one of my biggest challenges when I teach programming to the beginners and why is this happening and what we can do to bypass it, great video, thank you so much 👌🏻

@andrewfielden284 2 года назад

What a great explanation. You've just demystified why my API call was a) sending two HTTP requests and b) why my JWT header item was being removed in the second one. Thank you!!

@ppena120 11 месяцев назад

I've been dealing with this issue for 2 days now and didn't really understand it until now. Thank you!

@Carlesgl81 Год назад

i´ve been more than an hour trying to understand this concept with other videos, blogs. This video was my solution! Thanks!

@DaveO0808 2 года назад

understanding CORS in 5 min is possible! well done thank you

@jaelee1368 2 года назад

Nice video on CORS, it's clear that you put a lot of effort into creating a high quality presentation.

@benmichel1201 2 года назад

Great walkthrough! Thanks for making this. 🙏

@anasssoulimani9288 3 года назад

Great work! Awesome content as always❤

@andersonrafaelcunha1392 2 года назад

Great video, very easy to understand with those examples.

@RandallReedJr 2 года назад

This is a really helpful explanation, thanks!

@ACLAproductions 2 года назад

This was an amazing explanation! Thank you :)

@GB-mi5he Год назад

What a GREAT video on this topic. Bravo!

@arsenshlianin3064 9 месяцев назад

дякую за зрозуміле пояснення

@ivan-the-l Год назад

Very nicely explained. Clear and on point 🔥

@bastienfontaine8539 6 месяцев назад

Thank you for this video ! I finally understood what's behind the concept of CORS 🔥

@divanvanzyl7545 2 года назад

Great explanation. Thank you

@20rand 2 года назад

Thanks for the video, very helpful!

@itstinmoreno 2 года назад

Great video! Thanks for this! :)

@emmanuelobileye5643 Год назад

This was clearly explained. Thank you

@dyanzhao4927 2 года назад

This nice video make me understand the relationship between CORS and SOP.

@lastidea4925 Год назад

Excellent explanation, thank you Sir ♥

@khumbokaunda7402 Год назад

Thank you very much for this wonderful explanation

@luanecarolineaquinocavalca1064 Год назад

thank you so much, great explanation 👏🏽👏🏽👏🏽

@AliA-kp2ux Год назад

Great video! Thanks very much 🙂

@TeverRus 2 года назад

The video is great, mate!

@deanwhite8413 Год назад

Fantastic explanation. Thanks!

@aymaneelmadidi887 3 года назад

Awesome video thanks for uploading.

@TheTechCave 3 года назад

Thank you for your kind words!

@pliegosevilla 2 года назад

Nice! Thanks

@erfelipe 3 года назад

Thanks!

@Toojool 2 года назад

great explanation

@luisrosal1499 Год назад

great explanation, good job!

@ledo.imanghorbani Год назад

Really Great

@anaselkassimi7091 3 года назад

thank you so much

@TheTechCave 3 года назад

You're welcome!

@jenks2897 2 года назад

What if I don't what to access or change any data just want to click a button on website A which then clicks or simulate a click on website B and execute a function, does this falls under CORS ? If not any suggestion on how this can be done?

@sapnashah4807 2 года назад

can you explain important of CORS for client server

@user-ti9yn8wg6o Год назад

So the browser is the one enforces CORS, and the resource server is the one that can be setup to relax the restriction.

@user-qr8yt6dp3r Год назад

It just feels like the browser developers want every api developer to feel the pain of the browser dev being accused by some random user of the user's stolen information from a random website. (In which case the browser developer, of course, is not to blame, it's just that users are so stupid.)