h1. Links about Cross-origin resource sharing - CORS

http://www.html5rocks.com/en/tutorials/cors/

http://enable-cors.org/server_cgi.html

http://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work 

http://stackoverflow.com/a/13400954/710446

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

http://serverfault.com/questions/384105/cross-origin-resource-sharing-cors-with-nginx-chrome
http://enable-cors.org/server_nginx.html

http://en.wikipedia.org/wiki/Same-origin_policy
http://en.wikipedia.org/wiki/Cross-origin_resource_sharing
http://stackoverflow.com/questions/23607901/cross-origin-request-blocked-on
http://benjaminhorn.io/code/setting-cors-cross-origin-resource-sharing-on-apache-with-correct-response-headers-allowing-everything-through/


h2. Curl Testing

code. # curl -I -X GET http://veeryapiperl.soupmode.com/api/posts
HTTP/1.1 200 Accepted
Server: nginx/1.1.19
Date: Tue, 15 Sep 2015 23:00:54 GMT
Content-Type: application/json; charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
code..

 #nginx #programming #web #security