# CORS (Browser) CORS (Cross-Origin Resource Sharing) is a mechanism that allows a web page from one origin (domain) to access resources from another origin. In other words, it is a security feature implemented by web browsers that restricts a web page from making requests to a different domain than the one that served the web page. The Xumm API endpoints **allow** **cross origin** requests: we want your web application to be able to make calls to the Xumm platform using the credential (JWT) you have received when a user logged in. If you are building a [Backend (SDK / API)](/environments/backend-sdk-api.md)integration, CORS is irrelevant. If you are building something in the browser (a web application), the most convenient way to interact with the Xumm platform is through the Javascript/TypeScript SDK: [https://github.com/XRPL-Labs/Developer-Help-Center/blob/main/environments/browser-web3/broken-reference/README.md](https://github.com/XRPL-Labs/Developer-Help-Center/blob/main/environments/browser-web3/broken-reference/README.md "mention"). {% hint style="info" %} If you are using the Javascript/TypeScript SDK ([https://github.com/XRPL-Labs/Developer-Help-Center/blob/main/environments/browser-web3/broken-reference/README.md](https://github.com/XRPL-Labs/Developer-Help-Center/blob/main/environments/browser-web3/broken-reference/README.md "mention")) the SDK will automatically make sure you are calling the right CORS enabled endpoints when a user signed in through the SDK. {% endhint %} If you are building your own, custom implementation, you will have to make sure you are calling the [**JWT routes**](https://xumm.readme.io/reference/ping-jwt): only our JWT (JSON Web Token) routes allow for cross origin calls, and serve the right headers to allow your browser to do so. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.xaman.dev/environments/browser-web3/cors-browser.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.