0
0
Expressframework~5 mins

Why CORS matters for APIs in Express - Quick Recap

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Recall & Review
beginner
What does CORS stand for and what is its main purpose?
CORS stands for Cross-Origin Resource Sharing. Its main purpose is to allow or block web pages from making requests to a different domain than the one that served the web page, protecting users from malicious sites.
Click to reveal answer
beginner
Why do browsers enforce CORS policies on API requests?
Browsers enforce CORS to prevent malicious websites from reading sensitive data from another site without permission. It acts like a security guard checking if cross-site requests are allowed.
Click to reveal answer
intermediate
How does an Express API enable CORS to allow requests from other domains?
In Express, you can enable CORS by using the 'cors' middleware. This middleware adds the right headers to responses so browsers know which domains are allowed to access the API.
Click to reveal answer
beginner
What happens if an API does not handle CORS properly?
If an API does not handle CORS, browsers will block requests from other domains, causing errors in web apps trying to use that API from a different site.
Click to reveal answer
beginner
Give a simple example of enabling CORS in an Express app.
You can enable CORS by installing the 'cors' package and adding it as middleware: <br><code>const cors = require('cors');<br>app.use(cors());</code><br>This allows all domains to access the API.
Click to reveal answer
What does CORS protect users from?
ABrowser crashes
BSlow internet connections
CMalicious websites accessing data from other domains
DIncorrect API responses
Which HTTP header is commonly used to control CORS permissions?
AUser-Agent
BContent-Type
CAuthorization
DAccess-Control-Allow-Origin
In Express, which package helps to easily enable CORS?
Aexpress-cors
Bcors
Cbody-parser
Dhelmet
What will happen if a browser blocks a cross-origin request due to CORS?
AThe request fails and the web app cannot access the response
BThe request succeeds but with a warning
CThe browser crashes
DThe server ignores the request
Which of these is NOT a reason to configure CORS on an API?
AImprove API response speed
BPrevent unauthorized cross-site requests
CAllow trusted websites to access the API
DControl which domains can use the API
Explain in simple terms why CORS is important for APIs and how it protects users.
Think about how websites can try to get data from other sites without permission.
You got /4 concepts.
    Describe how you would enable CORS in an Express API and why you might want to do that.
    Consider what happens when a web app on one domain tries to call your API on another domain.
    You got /4 concepts.