A Professional ASP.NET Core API - CORS
Browser security prevents a web page from making requests to a different domain than the one that served the web page. This restriction is called the same-origin policy
. The same-origin policy prevents a malicious site from reading sensitive data from another site. Sometimes, you might want to allow other sites to make cross-origin requests to your app.