CORS issue doesn't occur when using POSTMAN

google-chrome cors google-chrome-extension postman

I have been using POSTMAN for sometime now for sending HTTP requests like GET, POST, PUT for RESTful Webservices. Recently came across a situation, when sending a request to my REST API through browser, I got a message that

No Access Control Allow Origin Header is present on the Requested resource.

The solution was ofcourse to add such an header to the API. However strangely, When I sent the the same request through POSTMAN I was able to get back the response.

So I want to know how is sending a request through POSTMAN different from sending a request through browser.

I went through this question: CORS with POSTMAN, but it really doesn't provide an answer in detail.


From Cross-Origin XMLHttpRequest in Chrome Develop Extensions documentation:

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy. Extensions aren't so limited. An extension can talk to remote servers outside of its origin, as long as it first requests cross-origin permissions.

Basically browser extensions have more privileges than web content. In the case of Chrome extensions, there is an option to enable cross-origin access.

Related

How do I work with images in Bokeh (Python)
Disable the default-jar execution
Python Requests with wincertstore
Strange PEP8 recommendation on comparing Boolean values to True or False
How to remove nested parentheses in LISP
Laravel - DecryptException: 'The MAC is invalid'
Eclipse Upgrade Not Working
java.util.scanner throws NoSuchElementException when application is started with gradle run
Swift - Objective-C load class method?
What is alternative to use after jQuery 1.9 removed .toggle(function,function)?
android screen orientation
AntiXSS in ASP.Net Core