awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

20 repository-uri

Awesome GitHub RepositoriesCross-Origin Resource Sharing

Policies for restricting API access to trusted domains.

Distinguishing note: Focuses on domain-level access restriction for web APIs.

Explore 20 awesome GitHub repositories matching security & cryptography · Cross-Origin Resource Sharing. Refine with filters or upvote what's useful.

Awesome Cross-Origin Resource Sharing GitHub Repositories

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • addyosmani/agent-skillsAvatar addyosmani

    addyosmani/agent-skills

    60,849Vezi pe GitHub↗

    Agent-skills is a collection of structured instructions and behavioral personas designed to standardize how AI coding agents perform engineering tasks. It functions as a workflow orchestrator that maps natural language intent to repeatable technical sequences and verification checklists. The project distinguishes itself through the use of specialized markdown-defined roles, such as security auditors or test engineers, to apply targeted domain expertise. It employs an evidence-based verification model that requires runtime data or passing tests as mandatory exit criteria to ensure AI-generated

    Defines workflows for restricting API access to trusted domains via allowlists of origins.

    Shellagent-skillsantigravityantigravity-ide
    Vezi pe GitHub↗60,849
  • payloadcms/payloadAvatar payloadcms

    payloadcms/payload

    43,053Vezi pe GitHub↗

    Payload is a headless content management system and application framework that uses a code-first approach to define data schemas and administrative interfaces. By utilizing a centralized, type-safe configuration object, it automatically generates database schemas, API endpoints, and a fully customizable admin panel. The system is built on a database-agnostic architecture, allowing it to interface with various storage engines while providing a unified, type-safe API for server-side operations, REST, and GraphQL. What distinguishes Payload is its deep extensibility and developer-centric design.

    Restricts API access to trusted domains to ensure secure cross-origin communication.

    TypeScriptcmscontent-managementcontent-management-system
    Vezi pe GitHub↗43,053
  • hashicorp/nomadAvatar hashicorp

    hashicorp/nomad

    16,211Vezi pe GitHub↗

    Nomad is a distributed workload orchestrator and infrastructure automation platform designed to manage the lifecycle of applications across large-scale, heterogeneous environments. It functions as a multi-cloud orchestration engine, providing a unified control plane to deploy, scale, and govern containers, virtual machines, and legacy applications. By utilizing declarative job specifications, the system ensures infrastructure convergence and maintains the desired state across distributed data centers and geographic regions. The platform distinguishes itself through a flexible, plugin-based ar

    Configures HTTP API endpoints to permit cross-origin requests for secure web-based tool interaction.

    Go
    Vezi pe GitHub↗16,211
  • http-party/http-serverH

    http-party/http-server

    14,191Vezi pe GitHub↗

    This project is a lightweight Node.js web server and command-line tool designed for hosting static assets and delivering local files over HTTP. It functions as a static site host that provides a minimal environment for serving HTML, CSS, and JavaScript files to web browsers. The server includes built-in support for TLS encryption to enable secure HTTPS access and allows for the configuration of cross-origin resource sharing headers. It also features basic authentication to restrict folder access via username and password verification. The system manages content delivery through browser cache

    Allows configuration of CORS headers to control which external domains can access the server.

    JavaScript
    Vezi pe GitHub↗14,191
  • drogonframework/drogonAvatar drogonframework

    drogonframework/drogon

    13,568Vezi pe GitHub↗

    Drogon is a high-performance, cross-platform C++ framework designed for building asynchronous web services and server-side applications. It functions as a multi-threaded, event-driven server engine that manages concurrent network traffic and WebSocket connections with minimal latency. By leveraging non-blocking input/output and native code compilation, the framework provides a foundation for scalable applications that operate efficiently across diverse hardware architectures. The framework distinguishes itself through its compile-time template rendering, which transforms dynamic HTML views in

    Manages security headers and request policies to restrict or permit browser access to resources from different domains.

    C++asynchronous-programmingdrogonhttp
    Vezi pe GitHub↗13,568
  • encode/starletteAvatar encode

    encode/starlette

    12,397Vezi pe GitHub↗

    Starlette is an asynchronous web framework and toolkit for building high-performance web services based on the ASGI specification. It serves as a lightweight foundation for creating web applications with a focus on asynchronous request and response handling. The framework provides specialized toolkits for managing persistent bidirectional WebSocket communication and an asynchronous HTTP server toolkit for routing and middleware. It distinguishes itself by offering a non-blocking background task queue that executes functions after a response has been sent to the client. The project covers a b

    Defines which external domains are permitted to make requests through configurable CORS headers.

    Python
    Vezi pe GitHub↗12,397
  • kludex/starletteAvatar Kludex

    Kludex/starlette

    12,397Vezi pe GitHub↗

    Starlette is a lightweight ASGI web framework and asynchronous HTTP toolkit used to build high-performance HTTP and WebSocket services. It functions as a WebSocket server framework and a collection of ASGI middleware components for managing network requests through non-blocking asynchronous logic. The framework provides tools for real-time communication via persistent bidirectional channels and infrastructure for high-performance APIs. It includes specialized capabilities for response compression, incremental data streaming, and the execution of non-blocking background tasks after a response

    Provides middleware to configure Cross-Origin Resource Sharing (CORS) policies to restrict API access to trusted domains.

    Pythonasgiasynchttp
    Vezi pe GitHub↗12,397
  • chalarangelo/30-seconds-of-interviewsAvatar Chalarangelo

    Chalarangelo/30-seconds-of-interviews

    12,143Vezi pe GitHub↗

    This project is a technical interview study guide and a markdown-driven static site designed to help developers prepare for coding screenings. It serves as a curated collection of common technical questions and expert answers, functioning as a comprehensive educational resource. The platform provides a structured curriculum and reference materials across several key domains. This includes a JavaScript language reference covering programming fundamentals, a frontend engineering curriculum focused on UI patterns and responsive design, and a web security knowledge base detailing attack vectors a

    Provides a reference for understanding and implementing Cross-Origin Resource Sharing policies.

    JavaScriptawesome-listcsseducation
    Vezi pe GitHub↗12,143
  • 99designs/gqlgenAvatar 99designs

    99designs/gqlgen

    10,729Vezi pe GitHub↗

    gqlgen is a schema-first Go library designed to build type-safe GraphQL servers. It functions as a code generation engine that transforms declarative GraphQL schema definitions into strongly-typed Go source code, ensuring strict alignment between the API contract and the underlying implementation. The framework distinguishes itself through its deep integration with the Go type system and its highly extensible build pipeline. By using schema-first development, it automates the creation of server boilerplate and resolver stubs, allowing developers to map schema fields directly to Go structs and

    Attaches standard HTTP headers to server responses to allow requests from web clients hosted on different domains.

    Gocodegendataloadergogenerate
    Vezi pe GitHub↗10,729
  • yangzongzhuan/ruoyi-vue3Avatar yangzongzhuan

    yangzongzhuan/RuoYi-Vue3

    6,631Vezi pe GitHub↗

    RuoYi-Vue3 is a full-stack administrative dashboard and permission management framework built with SpringBoot and Vue 3. It serves as an enterprise management backend providing a decoupled architecture that separates the API from the user interface. The project features a low-code CRUD generator that automatically produces frontend and backend boilerplate code and API documentation from database tables. It implements a comprehensive role-based access control system for managing users, departments, and granular permissions at the menu and button levels, secured by stateless JSON Web Token auth

    Implements policies to restrict API access to trusted domains using CORS.

    Vueadminelement-pluselement-ui
    Vezi pe GitHub↗6,631
  • barryvdh/laravel-corsAvatar barryvdh

    barryvdh/laravel-cors

    6,240Vezi pe GitHub↗

    laravel-cors este un pachet middleware pentru aplicațiile Laravel care gestionează Cross-Origin Resource Sharing (CORS). Acesta funcționează ca un strat de securitate HTTP care validează originile cererilor și injectează headerele necesare în răspunsurile aplicației pentru a controla modul în care domeniile externe accesează un API backend. Proiectul oferă un motor de politici bazat pe configurare pentru a potrivi originile și metodele cererilor primite cu valorile permise. Aceasta include suport pentru potrivirea originilor cu wildcard pentru a autoriza mai multe domenii de încredere printr-o singură regulă și gestionarea automată a cererilor pre-flight OPTIONS. Sistemul se integrează în pipeline-ul request-response pentru a oferi control global al accesului API și configurarea securității browserului. Gestionează injectarea headerelor de securitate pentru a rezolva erorile de browser cross-origin și a asigura o comunicare securizată între un server Laravel și frontend-uri găzduite pe domenii diferite.

    Manages CORS headers to allow or restrict requests from external domains for backend API security.

    PHP
    Vezi pe GitHub↗6,240
  • expressjs/corsAvatar expressjs

    expressjs/cors

    6,194Vezi pe GitHub↗

    This is a Node.js middleware for Express and Node.js servers that manages Cross-Origin Resource Sharing policies. It functions as a policy manager and origin validator to define which origins, HTTP methods, and headers are permitted to access server resources. The project provides mechanisms for dynamic origin validation, allowing request origins to be checked against custom logic or databases. It also acts as an HTTP preflight request handler to process OPTIONS requests and verify server permissions before complex cross-site interactions occur. Its capability surface covers the management o

    Provides a comprehensive system for restricting API access to trusted domains using CORS policies.

    JavaScriptcorsexpressjsjavascript
    Vezi pe GitHub↗6,194
  • ottoyiu/django-cors-headersAvatar ottoyiu

    ottoyiu/django-cors-headers

    5,587Vezi pe GitHub↗

    django-cors-headers este un utilitar pentru aplicații Django pentru gestionarea partajării resurselor între origini diferite (CORS). Adaugă headere HTTP la răspunsuri astfel încât browserele web să poată permite cereri cross-origin de la domenii externe specificate. Proiectul oferă instrumente pentru definirea domeniilor externe, metodelor HTTP și headerelor care au permisiunea de a accesa un API. Suportă restricționarea originilor permise prin liste statice și expresii regulate și permite transmiterea cookie-urilor și a credențialelor de autentificare pentru gestionarea sesiunilor cross-site. Capabilitățile suplimentare includ controlul accesului API pentru a limita partajarea cross-origin la tipare URL specifice și gestionarea headerelor de preflight pentru rețele private pentru a permite comunicarea între adrese IP publice și servere din rețele private.

    Implements policies for restricting API access to trusted domains via CORS headers.

    Python
    Vezi pe GitHub↗5,587
  • mdn/browser-compat-dataAvatar mdn

    mdn/browser-compat-data

    5,585Vezi pe GitHub↗

    Documents policies for restricting API access to trusted domains using CORS headers.

    JSONcompatcompatibilitydata
    Vezi pe GitHub↗5,585
  • hacdias/webdavAvatar hacdias

    hacdias/webdav

    5,262Vezi pe GitHub↗

    This project is a self-hosted WebDAV file server and HTTP file manager that exposes a local file system for remote access and management. It functions as a private cloud storage solution, enabling users to perform file synchronization and automated network backups across different platforms and devices. The server includes built-in security to mitigate brute-force attacks by using middleware to block IP addresses after repeated failed authentication attempts. It also provides cross-origin resource sharing configuration to regulate how external web applications interact with the server. The s

    Provides configurable CORS headers to allow external web applications to interact with the file server.

    Gofilesystemgohttp
    Vezi pe GitHub↗5,262
  • emicklei/go-restfulAvatar emicklei

    emicklei/go-restful

    5,111Vezi pe GitHub↗

    go-restful este un framework pentru construirea de servicii web RESTful în Go. Funcționează ca un toolkit pentru gestionarea endpoint-urilor API, oferind un router de cereri care mapează cererile HTTP primite către funcții handler folosind parametri de cale și tipare URL personalizate. Framework-ul include un strat de conversie a datelor care transformă structurile Go în formate JSON sau XML pentru corpurile cererilor și răspunsurilor. Oferă, de asemenea, un sistem pentru organizarea serviciilor web conexe în containere, pentru a gestiona prefixarea endpoint-urilor și configurarea partajată. Proiectul acoperă gestionarea ciclului de viață al cererilor prin filtre middleware pentru validare și autentificare, precum și gestionarea headerelor de tip cross-origin resource sharing (CORS). Capabilitățile suplimentare includ compresia payload-ului folosind gzip sau deflate și middleware de recuperare după panică pentru a returna răspunsuri de eroare standardizate.

    Manages CORS headers and preflight requests to control access from different domains.

    Go
    Vezi pe GitHub↗5,111
  • spring-projects/spring-authorization-serverAvatar spring-projects

    spring-projects/spring-authorization-server

    5,102Vezi pe GitHub↗

    Spring Authorization Server is an OAuth 2.1 and OpenID Connect 1.0 authorization server built on Spring Security. It implements the full protocol surface for issuing access and refresh tokens, including authorization code, client credentials, device code, and token exchange grants, as well as pushed authorization requests and user consent management. The server also functions as an OpenID Connect provider, supporting ID tokens, userinfo, discovery, logout, and dynamic client registration. The project distinguishes itself through an extensible framework that allows custom grant types, pluggabl

    This OAuth 2.1 and OpenID Connect authorization server configures CORS to allow single-page applications hosted on different domains to access its endpoints.

    Java
    Vezi pe GitHub↗5,102
  • anomalyco/guideAvatar anomalyco

    anomalyco/guide

    3,682Vezi pe GitHub↗

    This project is a serverless application framework used to define and deploy cloud infrastructure, serverless APIs, and static frontends through infrastructure as code. It functions as a full stack deployment pipeline and a cloud infrastructure orchestrator for provisioning resources like databases and storage buckets across multiple cloud accounts. The framework includes a local cloud development environment that allows for testing and debugging API endpoints and cloud functions on a local machine before deployment. It also features a containerized build pipeline specifically designed to con

    Defines access policies to restrict API access to trusted frontend domains.

    SCSSawsreactjsserverless
    Vezi pe GitHub↗3,682
  • google/google-api-javascript-clientAvatar google

    google/google-api-javascript-client

    3,473Vezi pe GitHub↗

    The Google API JavaScript Client Library is an official client for calling Google APIs directly from browser applications. It provides a programmatic interface to exchange data and execute service requests while managing request construction and response parsing. The library features dynamic client discovery, which loads machine-readable metadata at runtime to automatically generate request methods and parameter validation for various endpoints. It also includes an authentication client that handles OAuth 2.0 authorization flows to securely manage user identity and access tokens in the browse

    Manages cross-origin resource sharing policies to enable secure browser-based API calls from any origin.

    CSS
    Vezi pe GitHub↗3,473
  • intoli/remote-browserAvatar intoli

    intoli/remote-browser

    1,749Vezi pe GitHub↗

    Remote-browser is a framework for programmatic browser automation and session management built on standard web extension architecture. It provides the infrastructure to control browser instances, execute automated scripts, and perform debugging tasks through a unified interface. The project distinguishes itself by enabling both local and remote browser connectivity, allowing users to establish persistent communication channels with distant browser instances over a network. It utilizes a privileged extension environment to isolate automation logic from page-level content, ensuring that scripts

    Manages secure cross-domain communication by leveraging browser-level permission manifests to authorize script access.

    JavaScript
    Vezi pe GitHub↗1,749
  1. Home
  2. Security & Cryptography
  3. Cross-Origin Resource Sharing