Usually the same ones who then download plugins like https://addons.mozilla.org/... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		5e92cb50239222b on Oct 15, 2021 \| parent \| context \| favorite \| on: How to win at CORS Usually the same ones who then download plugins like https://addons.mozilla.org/en-US/firefox/addon/access-contro... because properly configuring the backend is ¨too complicated¨. Been there, done that.

hsbauauvhabzb on Oct 15, 2021 [–]

You can use the origin announce headers from Firefox to block cors also, unsure if that works with chrome.

But I was referring to legacy code (or those whose SPA is stored on the same domain as API endpoints).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact