CORS is a security mechanism or policy to control asynchronous HTTP requests that can be made from a browser to a server with a different domain from the originally loaded page. Such requests are called cross-origin requests.
Using these type of asynchronous requests, resources located in domains other than the current page are disallowed by default. This is often referred to as CORS protection. Its purpose is to make it difficult to add foreign resources to a given site.