{"id":69,"date":"2023-09-10T19:22:55","date_gmt":"2023-09-10T13:52:55","guid":{"rendered":"https:\/\/www.thehashcode.com\/?p=69"},"modified":"2025-02-03T23:30:36","modified_gmt":"2025-02-03T18:00:36","slug":"what-is-cors-and-how-to-enable-cors-in-node-js","status":"publish","type":"post","link":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/","title":{"rendered":"What is CORS? and how to enable cors in Node.js?"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Introduction:<\/h2>\n\n\n\n<p>Cross-Origin Resource Sharing, commonly known as CORS, is a security feature used to prevent multiple web browsers from requesting web pages to another domain that serves the original web page This security measure is important in case of a malicious attack in prevention and protection of sensitive user data. We&#8217;ll delve into CORS, its significance, and implement it effectively in a Node.js setting, exploring the concept thoroughly.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is CORS?<\/h2>\n\n\n\n<p>CORS enables web pages to request restricted resources from domains different from their origin, promoting cross-origin resource sharing. It extends the same-origin policy (SOP), granting measured access to resources beyond a specific domain, enhancing flexibility. CORS doesn&#8217;t defend against CSRF but, if ineptly configured, exposes sites to potential cross-domain weaknesses. <\/p>\n\n\n\n<p>The CORS workflow starts when a script loaded from one origin attempts to make a request to a resource on another origin. This workflow begins with the browser automatically making a preflight request to the external web server, which uses the HTTP method OPTIONS and has several HTTP headers that the external web server should validate to ensure that scripts are authorized to access the resource.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Why Would You Want to Implement CORS?<\/h2>\n\n\n\n<p><br>CORS, short for Cross-Origin Resource Sharing, addresses the same-origin policy, a security measure that stops a malicious script from accessing a different origin. Preventing cross-site request forgery (CSRF) issues relies on the significance of the same-origin policy, which thwarts the sending of fraudulent client requests from the victim&#8217;s browser to another application. CORS facilitates web app integration by permitting access to restricted resources across domains, useful for external API data retrieval and authorized third-party server resource access.<\/p>\n\n\n\n<p>In summary, the primary reasons for implementing CORS include:<\/p>\n\n\n\n<ul>\n<li>Allowing web applications to interact with resources in different domains.<\/li>\n\n\n\n<li>Enabling the integration of applications and the use of third-party APIs.<\/li>\n\n\n\n<li>Allowing the pulling of data from external APIs or the access of server resources by authorized third parties.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How do CORS work? <\/h3>\n\n\n\n<p>CORS adds HTTP headers to client requests and server checks them before granting access to resources from a different origin.<\/p>\n\n\n\n<p><strong>When you make a cross-origin request, this is the request-response process:<\/strong><\/p>\n\n\n\n<ol>\n<li>The browser adds an origin header to the request with information about the current origin&#8217;s protocol, host, and port.<\/li>\n\n\n\n<li>The server checks the current origin header and responds with the requested data and an Access-Control-Allow-Origin header.<\/li>\n\n\n\n<li>The browser sees the access control request headers and shares the returned data with the client applications.                                                    <\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"724\" src=\"http:\/\/www.thehashcode.com\/wp-content\/uploads\/2023\/08\/png_20230901_154253_0000-1024x724.png\" alt=\"working of cors\" class=\"wp-image-107\" srcset=\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/png_20230901_154253_0000-1024x724.png 1024w, https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/png_20230901_154253_0000-300x212.png 300w, https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/png_20230901_154253_0000-768x543.png 768w, https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/png_20230901_154253_0000-1536x1086.png 1536w, https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/png_20230901_154253_0000-2048x1448.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Why are we having this error? <\/h3>\n\n\n\n<p>The CORS error, often displayed as the &#8220;Same-Origin Policy&#8221; error, occurs when a web page running in one domain attempts to make a request to a resource hosted in a different domain, and the server hosting that resource doesn&#8217;t include the necessary HTTP headers to allow the request.<\/p>\n\n\n\n<p>This error is a security measure designed to prevent malicious websites from making unauthorized requests to resources on other domains, which could potentially lead to data theft or other security vulnerabilities. The browser enforces the Same-Origin Policy by blocking the request if the necessary CORS headers are not present in the server&#8217;s response. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How can we solve it? and example with express CORS middleware <\/h3>\n\n\n\n<p>To solve these issues and enable cross-origin communication in your Node.js web application, you can use the Express.js middleware called &#8216;cors&#8217;. <\/p>\n\n\n\n<p><strong>Here&#8217;s how you can use it along with examples:<\/strong><\/p>\n\n\n\n<p><strong>Install the package:<\/strong> You need to install the &#8216;cors&#8217; package using npm or yarn. <\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">npm install cors<\/pre>\n\n\n\n<p><strong>Use the cors middleware in your Express app: <\/strong>Import and use it middleware in your Express application.<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"js\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">const express = require('express');\nconst cors = require('cors');<\/pre>\n\n\n\n<p><strong>For all the requests<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"js\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\/\/ Enable For all the Request \nconst app = express();\n\napp.use(cors()); \/\/ to all requests\n\napp.listen(3000, () => {\n  console.log('Server started on port 3000')\n})<\/pre>\n\n\n\n<p><strong>for specific request<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"js\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">const app = express()\n\/\/ for specific route\napp.get('\/products\/:id', cors(), function (req, res, next) {\n  res.json({msg: 'For only product Route'})\n})\n\napp.listen(3000, function () {\n  console.log('CORS-enabled web server listening on port 80')\n})<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Customizing CORS Options:<\/h3>\n\n\n\n<p>The &#8216;<kbd>cors<\/kbd>&#8216; middleware can configure its behavior by providing options. For example, you can specify the allowed origins, the headers you can include in requests, and whether credentials (cookies) are allowed. Here are some examples:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"js\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">const corsOptions = {\n  origin: 'http:\/\/example.com', \/\/ replace with your allowed origin\n  methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',\n  credentials: true, \/\/ enable credentials (cookies)\n  optionsSuccessStatus: 204, \/\/ some legacy browsers (IE11, various SmartTVs) choke on 204\n};\n\napp.use(cors(corsOptions));<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Conclusion: <\/h3>\n\n\n\n<p>Enabling <kbd>CORS <\/kbd>in a Node.js application is an important step when handling cross-origin requests. By understanding the importance of <kbd>CORS <\/kbd>and following the steps outlined above, you can ensure secure communication between your Node.js server and client-side applications. <kbd>CORS <\/kbd>policies may vary based on your specific application, so always check the official documentation for any other modification options.<\/p>\n\n\n\n<p>Remember to be vigilant about best security practices and keep your applications safe from potential security threats. When used properly, CORS increases the overall security of your web applications, allowing for proper start-up communications.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction: Cross-Origin Resource Sharing, commonly known as CORS, is a security feature used to prevent multiple web browsers from requesting web pages to another domain that serves the original web&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2289,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,33,1,23,29,22,27,12,31,25,4,28,26,24,32,35],"tags":[5],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What is CORS? and how to enable cors in Node.js? - The Hash Code<\/title>\n<meta name=\"description\" content=\"CORS lets you access different domain by adding required HTTP headers to request and checking if web page is allowed to access domain\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is CORS? and how to enable cors in Node.js? - The Hash Code\" \/>\n<meta property=\"og:description\" content=\"CORS lets you access different domain by adding required HTTP headers to request and checking if web page is allowed to access domain\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/\" \/>\n<meta property=\"og:site_name\" content=\"The Hash Code\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-10T13:52:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-03T18:00:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1366\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/person\/22a0caaee5a0356b222eec43cafd4b7a\"},\"headline\":\"What is CORS? and how to enable cors in Node.js?\",\"datePublished\":\"2023-09-10T13:52:55+00:00\",\"dateModified\":\"2025-02-03T18:00:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/\"},\"wordCount\":747,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png\",\"keywords\":[\"CORS\"],\"articleSection\":[\"AI\",\"BEST\",\"Blog\",\"E-commerce\",\"GO\",\"Javascript\",\"JSON\",\"Linux\",\"MongoDB\",\"NGINX\",\"NodeJS\",\"NVM\",\"Python\",\"QR Code\",\"Rust\",\"Top\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/\",\"url\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/\",\"name\":\"What is CORS? and how to enable cors in Node.js? - The Hash Code\",\"isPartOf\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png\",\"datePublished\":\"2023-09-10T13:52:55+00:00\",\"dateModified\":\"2025-02-03T18:00:36+00:00\",\"description\":\"CORS lets you access different domain by adding required HTTP headers to request and checking if web page is allowed to access domain\",\"breadcrumb\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage\",\"url\":\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png\",\"contentUrl\":\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png\",\"width\":1366,\"height\":768,\"caption\":\"What is CORS? and how to enable cors in Node.js?\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.thehashcode.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What is CORS? and how to enable cors in Node.js?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#website\",\"url\":\"https:\/\/www.thehashcode.com\/blogs\/\",\"name\":\"The Hash Code\",\"description\":\"All about JavaScript, NodeJS, Wordpress , System Programming and Linux.\",\"publisher\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.thehashcode.com\/blogs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#organization\",\"name\":\"The Hash Code\",\"url\":\"https:\/\/www.thehashcode.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/cropped-cropped-the-hash-code-1.png\",\"contentUrl\":\"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/cropped-cropped-the-hash-code-1.png\",\"width\":512,\"height\":512,\"caption\":\"The Hash Code\"},\"image\":{\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/person\/22a0caaee5a0356b222eec43cafd4b7a\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a455963f4f6538733e012eb417fbca18?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a455963f4f6538733e012eb417fbca18?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"http:\/\/thehashcode.com\"],\"url\":\"https:\/\/www.thehashcode.com\/blogs\/author\/thehashcode-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is CORS? and how to enable cors in Node.js? - The Hash Code","description":"CORS lets you access different domain by adding required HTTP headers to request and checking if web page is allowed to access domain","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/","og_locale":"en_GB","og_type":"article","og_title":"What is CORS? and how to enable cors in Node.js? - The Hash Code","og_description":"CORS lets you access different domain by adding required HTTP headers to request and checking if web page is allowed to access domain","og_url":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/","og_site_name":"The Hash Code","article_published_time":"2023-09-10T13:52:55+00:00","article_modified_time":"2025-02-03T18:00:36+00:00","og_image":[{"width":1366,"height":768,"url":"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png","type":"image\/png"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#article","isPartOf":{"@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/"},"author":{"name":"admin","@id":"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/person\/22a0caaee5a0356b222eec43cafd4b7a"},"headline":"What is CORS? and how to enable cors in Node.js?","datePublished":"2023-09-10T13:52:55+00:00","dateModified":"2025-02-03T18:00:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/"},"wordCount":747,"commentCount":0,"publisher":{"@id":"https:\/\/www.thehashcode.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage"},"thumbnailUrl":"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png","keywords":["CORS"],"articleSection":["AI","BEST","Blog","E-commerce","GO","Javascript","JSON","Linux","MongoDB","NGINX","NodeJS","NVM","Python","QR Code","Rust","Top"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/","url":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/","name":"What is CORS? and how to enable cors in Node.js? - The Hash Code","isPartOf":{"@id":"https:\/\/www.thehashcode.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage"},"image":{"@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage"},"thumbnailUrl":"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png","datePublished":"2023-09-10T13:52:55+00:00","dateModified":"2025-02-03T18:00:36+00:00","description":"CORS lets you access different domain by adding required HTTP headers to request and checking if web page is allowed to access domain","breadcrumb":{"@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#primaryimage","url":"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png","contentUrl":"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/09\/What-is-CORS-and-how-to-enable-cors-in-Node.js.png","width":1366,"height":768,"caption":"What is CORS? and how to enable cors in Node.js?"},{"@type":"BreadcrumbList","@id":"https:\/\/www.thehashcode.com\/blogs\/nodejs\/what-is-cors-and-how-to-enable-cors-in-node-js\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.thehashcode.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"What is CORS? and how to enable cors in Node.js?"}]},{"@type":"WebSite","@id":"https:\/\/www.thehashcode.com\/blogs\/#website","url":"https:\/\/www.thehashcode.com\/blogs\/","name":"The Hash Code","description":"All about JavaScript, NodeJS, Wordpress , System Programming and Linux.","publisher":{"@id":"https:\/\/www.thehashcode.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.thehashcode.com\/blogs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.thehashcode.com\/blogs\/#organization","name":"The Hash Code","url":"https:\/\/www.thehashcode.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/cropped-cropped-the-hash-code-1.png","contentUrl":"https:\/\/www.thehashcode.com\/blogs\/wp-content\/uploads\/2023\/08\/cropped-cropped-the-hash-code-1.png","width":512,"height":512,"caption":"The Hash Code"},"image":{"@id":"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/person\/22a0caaee5a0356b222eec43cafd4b7a","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.thehashcode.com\/blogs\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/a455963f4f6538733e012eb417fbca18?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a455963f4f6538733e012eb417fbca18?s=96&d=mm&r=g","caption":"admin"},"sameAs":["http:\/\/thehashcode.com"],"url":"https:\/\/www.thehashcode.com\/blogs\/author\/thehashcode-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/posts\/69"}],"collection":[{"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/comments?post=69"}],"version-history":[{"count":21,"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/posts\/69\/revisions"}],"predecessor-version":[{"id":3151,"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/posts\/69\/revisions\/3151"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/media\/2289"}],"wp:attachment":[{"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/media?parent=69"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/categories?post=69"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thehashcode.com\/blogs\/wp-json\/wp\/v2\/tags?post=69"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}