Chapter 2. Making CORS requests
Table 2.1. CORS support in browsers
Table 2.2. Event handlers exposed by the XMLHttpRequest object
Table 2.3. Response properties on the XMLHttpRequest object
Table 2.4. XMLHttpRequest event handlers
Table 2.5. Comparison of XMLHttpRequest and XDomainRequest
Chapter 3. Handling CORS requests
Table 3.1. A CORS request consists of the client, the browser, and the server
Table 3.2. Origin values for various example URLs
Table 3.3. Client and server origins for the sample app
Table 3.4. Same-origin versus cross-origin requests
Table 3.5. How the browser reacts to server responses
Chapter 4. Handling preflight requests
Table 4.1. What an HTTP OPTIONS request and response might look like in a pre-CORS world
Table 4.2. Mapping the actual request method to the preflight
Table 4.3. Mapping the actual request headers to the preflight
Table 4.4. Responding to Access-Control-Request-Headers by using Access-Control-Allow-Headers. All requested headers must also be in the response for the CORS request to succeed.
Table 4.5. Various ways to reject a CORS preflight request
Table 4.6. Preflight request headers and their corresponding response headers
Table 4.7. The actual request has no information about the preflight request
Table 4.8. Both the preflight response and the actual response need the Access-Control-Allow-Origin header.
Table 4.9. Uploading with and without upload events. Uploading without upload events doesn���t need a preflight.