Lab Hint
Cross-origin Resource Sharing (CORS) does not allow responses from another domain to be read unless the response contains the ACAO header
Videos
What is CORS? - Part 1 - ExplanationWhat is CORS? - Part 2 - DemonstrationCheck for Vulnerable Libraries in Your Web ApplicationHow to Enable Apache Mod-HeadersHow to Check HTTP Headers (Command Line)How to Check HTTP Headers from BrowserMutillidae: Lab 60 Walkthrough