FAQ resource for What is CORS and why do I get CORS errors?.
Answer
Cross-Origin Resource Sharing (CORS) is a browser security mechanism that controls whether a web page can make requests to a different origin (scheme, host, or port) than the one that served it. Browsers block such cross-origin requests by default unless the responding server returns headers like `Access-Control-Allow-Origin` that explicitly permit them. CORS errors mean the server did not return the required headers, not that the request itself failed on the server. The fix is to configure the API to allow the calling origin, methods, and headers; for credentialed requests the server must echo a specific origin rather than a wildcard.