Cross-Origin Resource Sharing (CORS) is a mechanism that supports secure requests and data transfers from outside origins (domain, scheme, or port).
For example, example.com
uses a text font that's hosted on fonts.com
. When visiting, the user's browser will make a request for the font from fonts.com
. Because fonts.com
and example.com
are two different origins, this is a cross-origin request. If fonts.com
allows cross-origin resource sharing to example.com
, then the browser will proceed with loading the font. Otherwise, the browser will cancel the request.