You are maintaining a server that has strict security requirements. You need to allow cross-origin requests but with stringent restrictions. How can you implement CORS to fulfill these requirements while maintaining security?
- Set Access-Control-Allow-Origin to * and rely on server-side authentication.
- Implement preflight requests with custom headers and allow only authorized clients.
- Avoid using CORS and handle cross-origin requests through server-side scripting.
- Enable CORS for all origins and use server-side IP filtering.
To implement stringent security with CORS, you should use preflight requests with custom headers to allow only authorized clients. Option A is not secure as it allows any origin. Option C suggests avoiding CORS altogether, which may not be practical. Option D relies on IP filtering, which can be bypassed.
Loading...
Related Quiz
- Your application allows users to upload and share documents. You need to implement a solution to scan uploaded documents for malicious content. What considerations and strategies would you employ to ensure the security of the uploaded files?
- How does semantic versioning handle pre-release versions and build metadata?
- What does the process object in Node.js primarily provide information about?
- What considerations should be made when implementing full-text search to ensure relevance and accuracy of search results?
- Which of the following is a correct way to declare a function in JavaScript?