On Mon, May 10, 2010 at 3:42 PM, Nathan wrote:
> Hi All,
>
> A couple of questions about CORS.
>
>
> 1: Why is CORS an opt-out setup instead of an opt-in?
> eg why are all my resource hidden to js by default rather than exposed, then
> allowing me to limit access to specific resources at my discre
Hi All,
A couple of questions about CORS.
1: Why is CORS an opt-out setup instead of an opt-in?
eg why are all my resource hidden to js by default rather than exposed,
then allowing me to limit access to specific resources at my discretion.
2: Why does CORS prevent this:
function doNastySt