Hi Bruce, CORS is a mechanism to get around the same origin policy <http://en.wikipedia.org/wiki/Same-origin_policy> browsers need to enforce. It has no direct relation with REST, that's why you could not find much about it. a simplified view of this is, you have a locked door. CORS gives you a way to open it, once opened everything can pass, including REST.
Not all programming environments (like java) enforce you to use CORS. Even worse, most don't!. in this environments, you become responsible for the safety of your users and their data. You can do what you need, by setting the correct headers, and support OPTION requests at your server side. In some cases adding the header `Access-Control-Allow-Origin: *` will be enough. Often it will not be. Here is a flowchart <http://www.html5rocks.com/static/images/cors_server_flowchart.png>, of what your server needs to take care off. Is this enough for you? Don't hesitate to ask if you need more! Regards Sander -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
