I have to test using postman that non white listed domain can’t access rest api. I am new to CORS- I have following questions-
- When I send say POST request from postman, what will be origin header value?
- To test that non whitelisted domain can not access rest api, do I have to set origin header as white listed domain and then post request and check the headers in response?
Please advice. Thanks