CORS
Cross-Origin Resource Sharing (CORS) is the thing that produces those “blocked by CORS policy” errors in the browser console. It gets a bad reputation as an obstacle, but it’s really a browser safety mechanism doing exactly what it’s supposed to. I wanted to understand what’s actually going on rather than just copy-pasting Access-Control-Allow-Origin: * until the error goes away.
CORS, explained
CORS, explained is an interactive single-page guide I built to make CORS tangible: what it is, why it exists, and exactly how to fix the errors it produces.
It includes an animated request-flow visualization (simple vs. preflighted requests) and a live header playground where you can toggle response headers and watch whether the browser would allow the request.