If you have ever worked on some ajax calls or a react SPA you might be familiar with the annoying CORS error. The go to solution for us in that case is to talk to the backend guys and ask them to just allow everything because YOLO. But what is CORS? Is it just a way to annoy frontend developers? Has it got anything to do with security? If yes then why do we need auth and secret keys? If no then what purpose does it solves? How does it work in first place?

CORS : Understanding Cross Origin Resource Sharing

If you have these questions, this article is for you. It will try to answer all of these and also propose solution for the issues you might face while dealing with CORS.

Stay Safe. Stay Home.