Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Apps and Services with .NET 8

You're reading from   Apps and Services with .NET 8 Build practical projects with Blazor, .NET MAUI, gRPC, GraphQL, and other enterprise technologies

Arrow left icon
Product type Paperback
Published in Dec 2023
Publisher Packt
ISBN-13 9781837637133
Length 798 pages
Edition 2nd Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Mark J. Price Mark J. Price
Author Profile Icon Mark J. Price
Mark J. Price
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Introducing Apps and Services with .NET 2. Managing Relational Data Using SQL Server FREE CHAPTER 3. Building Entity Models for SQL Server Using EF Core 4. Managing NoSQL Data Using Azure Cosmos DB 5. Multitasking and Concurrency 6. Using Popular Third-Party Libraries 7. Handling Dates, Times, and Internationalization 8. Building and Securing Web Services Using Minimal APIs 9. Caching, Queuing, and Resilient Background Services 10. Building Serverless Nanoservices Using Azure Functions 11. Broadcasting Real-Time Communication Using SignalR 12. Combining Data Sources Using GraphQL 13. Building Efficient Microservices Using gRPC 14. Building Web User Interfaces Using ASP.NET Core 15. Building Web Components Using Blazor 16. Building Mobile and Desktop Apps Using .NET MAUI 17. Epilogue 18. Index

Relaxing the same origin security policy using CORS

Modern web browsers support multiple tabs so users can visit multiple websites at the same time efficiently. If code executing in one tab could access resources in another tab, then that could be a vector of attack.

All web browsers implement a security feature called the same origin policy. This means that only requests that come from the same origin are allowed. For example, if a block of JavaScript is served from the same origin that hosts a web service or served an <iframe>, then that JavaScript can call the service and access the data in the <iframe>. If a request is made from a different origin, then the request fails. But what counts as the “same origin?”

An origin is defined by:

  • Scheme aka protocol, for example, http or https.
  • Port, for example, 801 or 5081. The default port for http is 80 and for https is 443.
  • Host/domain/subdomain, for example, www.example.com, www...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime