Cross-Origin Resource Sharing (CORS) is a security mechanism that web browsers use to regulate how websites from different domains (origins) can communicate with one another. By default, IP2Location.io incorporates a wildcard (*) in CORS for all its commercial plans. This means that a wildcard symbol (*) is inserted into the HTTP response header, specifically into the Access-Control-Allow-Origin. This instructs the web browser to accept all requests made to IP2Location.io.
If you wish to enhance the security of your web application, you could specify the origin domain that is permitted to access the resource in the ‘Security’ section of your subscription page on IP2Location.io. This ensures that your API endpoint can be accessed exclusively through your web application from the permitted domain. In the following example, it means that your API endpoint would only accept requests sent from website.example.com.
Please note that this custom CORS only available for Starter Plan onward. Read more about CORS.
THE POWER OF IP GEOLOCATION API
Find a solution that help in your business.