What this book covers
Chapter 1, Why You Need CORS, discusses the same-origin policy, which limits sharing resources across domains; granting access to CORS requests by setting headers; different ways to add more security; understanding preflight requests to prepare for some types of CORS methods and events; and alternatives to CORS.
Chapter 2, Creating Proxies for CORS, discusses what a Proxy Server is and various reasons to use a Proxy, different types of Proxy Servers, and reverse proxis in Node.js with CORS anywhere.
Chapter 3, Usability and Security, discusses CORS and XDomainRequest, detecting AJAX support in the browser, using preflight to ensure usability and improve security, handling access-control-allow-origin header with and without the wildcard, HTTP request and response headers for usability and security, CORS requests with credentials, and setting and reading cookies, and CORS security cheat sheet by OWASP.
Chapter 4, CORS in Popular Content Management Frameworks, discusses how to enable CORS in WordPress, Drupal, Joomla!, and Adobe Experience Manager (AEM).
Chapter 5, CORS in Windows, discusses implementing CORS on the Windows platform. The Windows platform includes IIS, ASP.NET Web API applications, and Windows Communication Foundation.
Chapter 6, CORS in the Cloud, discusses using CORS in cloud computing services such as Amazon Simple Storage Service (S3), Google Cloud Storage, IBM Cloudant, Windows Azure Storage, the Box.com API, and the Dropbox API.
Chapter 7, CORS in Node.js, discusses the Node.js platform and using CORS in JavaScript frameworks such as ReactJS, Ember.js, and Socket.IO, with examples based on the fundamentals of CORS with allowed origin(s), methods, and headers.
Chapter 8, CORS Best Practices, discusses best practices in enabling API-to-public CORS requests, limiting the API to allow CORS requests to a whitelisted set of origins, protecting against cross-site request forgery (CSRF), and minimizing preflight requests.
