This tutorial demonstrates CORS support in ASP.NET Web API. We’ll start by creating two ASP.NET projects – one called “WebService”, which hosts a Web API controller, and the other called “WebClient”, which calls WebService. Because the two applications are hosted at different domains, an AJAX request from WebClient to WebService is a cross-origin request.
What is “Same Origin”?
Two URLs have the same origin if they have identical schemes, hosts, and ports. (RFC 6454)
These two URLs have the same origin:
These URLs have different origins than the previous two:
http://example.net– Different domain
http://example.com:9000/foo.html– Different port
https://example.com/foo.html– Different scheme
http://www.example.com/foo.html– Different subdomain
Internet Explorer does not consider the port when comparing origins.
Also from Microsoft Web-API: http://www.asp.net/web-api/overview