What does cors middleware do?

Question

Was looking at some node js code which created some web API's and came across this:

//CORS Middleware
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, 
contentType,Content-Type, Accept, Authorization");
next();
});

Have looked around on the internet and can't seem to understand what it does? Can someone please explain the purpose of cors middleware

Answer 1

This link may help.

https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/enabling-cross-origin-requests-in-web-api

CORS allows you to configure the web API's security. It has to do with allowing other domains to make requests against your web API. For example, if you had your web API on one server and your web app on another you could configure CORS in your Web API to allow your web app to make calls to your web API.