The Access-Control-Allow-Origin response header indicates whether the response can be shared with requesting code from the given origin.