Thanks for the input!!
--blake
On Thu, Jan 6, 2022 at 4:36 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:
> Blake,
>
> On 1/6/22 17:08, Blake McBride wrote:
> > On Thu, Jan 6, 2022 at 3:42 PM Christopher Schultz <
> > ch...@christopherschultz.net> wrote:
> >
> >> Blake,
> >>
> >>
Blake,
On 1/6/22 17:08, Blake McBride wrote:
On Thu, Jan 6, 2022 at 3:42 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:
Blake,
On 1/6/22 16:17, Blake McBride wrote:
I think, for now, I'll just use * when developing and turned off when in
production.
What's the point of that?
On Thu, Jan 6, 2022 at 3:42 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:
> Blake,
>
> On 1/6/22 16:17, Blake McBride wrote:
> > I think, for now, I'll just use * when developing and turned off when in
> > production.
>
> What's the point of that? The entire purpose of CORS is to p
Blake,
On 1/6/22 16:17, Blake McBride wrote:
I think, for now, I'll just use * when developing and turned off when in
production.
What's the point of that? The entire purpose of CORS is to protect users
from attackers while allowing legitimate uses of your own resources.
Running it in develo
Thanks, Christopher.
I think, for now, I'll just use * when developing and turned off when in
production.
I wonder if changing that method to protected might be a potential security
hole.
Thanks!
Blake McBride
On Thu, Jan 6, 2022 at 10:34 AM Christopher Schultz <
ch...@christopherschultz.net>
Blake,
On 1/6/22 10:29, Blake McBride wrote:
Greetings,
I have been using the following with success:
CorsFilter
org.apache.catalina.filters.CorsFilter
cors.allowed.headers
Content-Type,X-Requested-With,Accept,Accept-Encoding,Accept-Language,Cache-Control,Connectio
Greetings,
I have been using the following with success:
CorsFilter
org.apache.catalina.filters.CorsFilter
cors.allowed.headers
Content-Type,X-Requested-With,Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Host,Pragma,Origin,Referer,User-Agent,Access-Contro
