What is CORS
With the RISE of internet APIs and decentralised services, having a way to communicate with 3rd party domain became critical; thus, the W3C defined the CORS protocol, acronym which stands for “Cross-Origin Resource Sharing” and allows different domains to communicate together, the same way Adobe Flash did it a long time before with the crossdomain.xml policy (remember?).
CORS-enable your API
You can find the whole specs and various implementations at enable-cors.org.
Pain-free CORS for Apache servers
If you don’t want to change your code, we’ve crafted a small .htaccess for you that will force CORS on your API, without even touching your code. Just drop one of the implementations in your .htaccess and your API is magically CORS-enabled :)
Note: If you use the withCredentials version, be sure to add
withCredentials: true in your AJAX requests.
You can validate your API CORS support using this demo : http://embed.plnkr.co/1E8ot9e1eVs23IrjzqKr/preview
Hope this helps !