If your app receives data from a third-party API, which HTTP response header must the server specify to allow exceptions to the same-origin policy?
If your app receives data from a third-party API, which HTTP response header must the server specify to allow exceptions to the same-origin policy?