Skip to main content

CORS vs CSP

  • CORS allows a site A (data provider) to give permission to site B to read (potentially private) data from site A (using the visitor's browser and credentials).
  • CSP allows a site to prevent itself (data consumer) from loading (potentially malicious) content from unexpected sources (e.g. as a defence against XSS).

About Tian Pan

Driven technology architect and entrepreneur with deep expertise in building highly-scalable, enterprise-grade SaaS applications. Full-stack specialist with a strong focus on designing flexible, scalable solutions that meet complex, evolving demands.

[object Object]

Stay up to date