What do you think?
Rate this book
CORS in Action: Creating and consuming cross-origin APIs
Summary
CORS in Action introduces Cross-Origin Resource Sharing (CORS) from both the server and the client perspective. It starts with the how to make CORS requests and how to implement CORS on the server. It then explores key details such as performance, debugging, and security. API authors will learn how CORS opens their APIs to a wider range of users. JavaScript developers will find valuable techniques for building rich web apps that can take advantage of APIs hosted anywhere. The techniques described in this book are especially applicable to mobile environments, where browsers are guaranteed to support CORS.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the Book
Suppose you need to share some JSON data with another application or service. If everything is hosted on one domain, it's a snap. But if the data is on another domain, the browser's "same-origin" policy stops you cold. CORS is a new web standard that enables safe cross-domain access without complex server-side code. Mastering CORS makes it possible for web and mobile applications to share data simply and securely.
CORS in Action introduces CORS from both the server and the client perspective. It starts with making and enabling CORS requests and then explores performance, debugging, and security. You'll learn to build apps that can take advantage of APIs hosted anywhere and how to write APIs that expand your products to a wider range of users.
For web developers comfortable with JavaScript. No experience with CORS is assumed.
What's Inside
About the Author
Monsur Hossain is an engineer at Google who has worked on API-related projects such as the Google JavaScript Client, the APIs Discovery Service, and CORS support for Google APIs.
Table of Contents
CORS in Action introduces Cross-Origin Resource Sharing (CORS) from both the server and the client perspective. It starts with the how to make CORS requests and how to implement CORS on the server. It then explores key details such as performance, debugging, and security. API authors will learn how CORS opens their APIs to a wider range of users. JavaScript developers will find valuable techniques for building rich web apps that can take advantage of APIs hosted anywhere. The techniques described in this book are especially applicable to mobile environments, where browsers are guaranteed to support CORS.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the Book
Suppose you need to share some JSON data with another application or service. If everything is hosted on one domain, it's a snap. But if the data is on another domain, the browser's "same-origin" policy stops you cold. CORS is a new web standard that enables safe cross-domain access without complex server-side code. Mastering CORS makes it possible for web and mobile applications to share data simply and securely.
CORS in Action introduces CORS from both the server and the client perspective. It starts with making and enabling CORS requests and then explores performance, debugging, and security. You'll learn to build apps that can take advantage of APIs hosted anywhere and how to write APIs that expand your products to a wider range of users.
For web developers comfortable with JavaScript. No experience with CORS is assumed.
What's Inside
About the Author
Monsur Hossain is an engineer at Google who has worked on API-related projects such as the Google JavaScript Client, the APIs Discovery Service, and CORS support for Google APIs.
Table of Contents
240 pages, Paperback
First published July 31, 2014
4 people are currently reading
45 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 6 of 6 reviews
June 18, 2015
Good overview of CORS and how to implement it. Better explanation than what I could find online.
September 23, 2018
I would love to be more enthusiastic about this book, but frankly CORS is a subject which put me to sleep, and it's only because I'm responsible for web security that I bought it and read it. It provides comprehensive information about the topic, but is at times painfully boring, as simple points are mentioned again and again.
I thought the section on CSRF was a bit weak, as it didn't seem to say much and I will have to read something else to understand that topic.
I thought the section on CSRF was a bit weak, as it didn't seem to say much and I will have to read something else to understand that topic.
December 17, 2024
It's a really good book, but the author explains the same concepts over and over again. Seems like this whole book could be summarized in a blog post, but it will be too small to be a book so ¯\_(ツ)_/¯
August 18, 2017
One of the easiest "reads" I've had for a technical book
November 22, 2015
Very smooth read for a technical book. Teaches you what you need to know how to securely enable API calls across domains from the browser.
October 27, 2016
Very well written.
Displaying 1 - 6 of 6 reviews