Scenario: When the caller and called application are not in the same origin the CORS Policy doesn’t allow the called application / backend to response the caller application.
It’s strongly recommended to specify the allow origin in your backend. In the following video I explain how we can do it.
Solve CORS policy
After developing the website, use the Security Header to test the security of your website.
You owe your dreams your courage.