Cross-Origin Resource Sharing (CORS) is a HTTP-header.
It indicate any origins (domain, scheme, or port for fetch/xhr request) other than its own (the html, css, js (the ui) that is loaded when we call the domain) from which a browser should permit loading resources.
It relies on mechanism — preflight request.
What is preflight request?
Preflight request — A request made by the browser in order to check that the server will permit the actual request.
What does the browser send to the server during the preflight request?
The browser sends headers that indicate the HTTP method and headers that will be used in the actual request.