Skip to main content

One doc tagged with "security"

View all tags

CORS vs CSP

CORS allows a site (data provider) to give permission to another site to read the data using the visitor’s browser and credentials. CSP allows a site to prevent itself (data consumer) from loading content from unexpected sources as a defense against XSS.