Cross Origin Resource Sharing

The API supports Cross Origin Resource Sharing (CORS) for AJAX requests.

For more information, see the CORS W3C working draft, or this intro from the HTML 5 Security Guide.

Here's a sample request sent from a browser hitting http://example.com:

curl -i https://api.itslanguage.io -H "Origin: http://example.com"

HTTP/1.1 302 Found

This is what the CORS preflight request looks like:

curl -i https://api.itslanguage.io -H "Origin: http://example.com" -X OPTIONS

HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true