CORS (Cross-Origin Resource Sharing) huwa mekkaniżmu tas-sigurtà tal-browser li jikkontrolla jekk paġna web minn origin wieħed origin tista' tagħmel irjegħiet lil server fuq origin differenti. B'mod default, il-browsers jibblokka rjegħiet cross-origin; is-server irid jippermettihom b'mod espliċitu permezz ta' headers ta' rispons.
Il-politika same-origin u l-problema
Origin = scheme + host + port. These are DIFFERENT origins:
https://app.example.com → https://api.example.com (different host)
http://localhost:3000 → http://localhost:4000 (different port)
Browser blocks the cross-origin request UNLESS the server sends CORS headers allowing it.
