Lets say, I have 2 web servers hosted at a.com and b.com b.com does NOT accept cross-domain requests from a.com.
IN one tab of my browser I have opened http://a.com and in another tab i have opened http://b.com.
As per Same Origin Policy, which of the following are true.
1) From http://a.com using ajax I can make cross-domain GET and POST request to http://b.com but can not read the response from http://b.com
2) From http://a.com using ajax I can make cross-domain GET and POST request to http://b.com and I can also read the response from http://b.com
3) From http://a.com using ajax I can make cross-domain GET, POST, PUT, DELETE request to http://b.com but can not read the response from http://b.com
4) From http://a.com using ajax I can make cross-domain GET, POST, PUT, DELETE request to http://b.com as well as read response from http://b.com
P.S. Not expecting any lectures on SOP and CORS. Short and sweet answers requested
The only true answer is 1. Simply because CORS preflight request fails on 3 and 4, so the actual request never even takes place.