From 991fcc21bf68c130f4c7a5826fe489bbf450ca97 Mon Sep 17 00:00:00 2001
From: elayamathy <24566720+elayamathy@users.noreply.github.com>
Date: Wed, 29 Nov 2017 23:43:03 +0800
Subject: [PATCH] Update cors.md (#4884)

* Update cors.md

Added the words "in response" and "from the request" under the section "How CORS works" to improve clarity.

* Remove unnecessary period
---
 aspnetcore/security/cors.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aspnetcore/security/cors.md b/aspnetcore/security/cors.md
index 792446b294..bab712aa52 100644
--- a/aspnetcore/security/cors.md
+++ b/aspnetcore/security/cors.md
@@ -235,7 +235,7 @@ User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6
 Host: myservice.azurewebsites.net
 ```
 
-If the server allows the request, it sets the Access-Control-Allow-Origin header. The value of this header either matches the Origin header, or is the wildcard value "*", meaning that any origin is allowed.:
+If the server allows the request, it sets the Access-Control-Allow-Origin header in the response. The value of this header either matches the Origin header from the request, or is the wildcard value "*", meaning that any origin is allowed:
 
 ```
 HTTP/1.1 200 OK