Glossary of Security Terms: CORS-Safelisted Request Header | Hacker Noon

Author profile picture

@mozillaMozilla Contributors

Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.

A CORS-safelisted request header is one of the following HTTP headers:

When containing only these headers (and values that meet the additional requirements laid out below), a requests doesn’t need to send a preflight request in the context of CORS.

You can safelist more headers using the

Access-Control-Allow-Headers

header and also list the above headers there to circumvent the following additional restrictions:

Additional restrictions

CORS-safelisted headers must also fulfill the following requirements in order to be a CORS-safelisted request header:

Learn more

Credits

Author profile picture

Read my stories

Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.

Tags

The Noonification banner

Subscribe to get your daily round-up of top tech stories!

read original article here