CORS

Cross-Origin Resource Sharing

Preflight

The Cross-Origin Resource Sharing standard works by adding new HTTP headers (opens new window) that let servers describe which origins are permitted to read that information from a web browser.

Servers can also inform clients whether "credentials" (such as Cookies (opens new window) and HTTP Authentication (opens new window)) should be sent with requests.