OWASP is recommending x-permitted-cross-domain header. I gone through many websites and blogs and didn't get to know the difference between x-permitted-cross-domain and CORS. Since I have implemented CORS, is it required to have x-permitted-cross-domain header?
Kindly help.