inmysocks (version: awoo)
Follow

CORS headers seem counter productive to me.

The browser doesn't allow cross-origin requests for security.

But there are times when you want to be able to do cross-origin things.

CORS to the rescue. But instead of going with the whole 'security' thing where your browser would determine if cross origin things are allowed, the remote server gets to tell your browser that it is allowed.

'Don't talk to strangers, unless the stranger says it is ok, then they can do whatever they want'

· · 0 · 0 · 0
Sign in to participate in the conversation
Awoo Space

Awoo.space is a Mastodon instance where members can rely on a team of moderators to help resolve conflict, and limits federation with other instances using a specific access list to minimize abuse.

While mature content is allowed here, we strongly believe in being able to choose to engage with content on your own terms, so please make sure to put mature and potentially sensitive content behind the CW feature with enough description that people know what it's about.

Before signing up, please read our community guidelines. While it's a very broad swath of topics it covers, please do your best! We believe that as long as you're putting forth genuine effort to limit harm you might cause – even if you haven't read the document – you'll be okay!

Trending now

Resources

Developers

What is Mastodon?

awoo.space

  • v3.5.3+glitch

More…

v3.5.3+glitch · Privacy policy