Sometimes it's a good thing when I try to use someone else's backend in my web app. For example map tile server or route builder, which are session-less and have no authentication.
replyThe idea that HTTP servers are restricted to requests from a single domain by default is strange, wonder if CORS world be better off opt-in rather than opt-out.
> wonder if CORS world be better off opt-in rather than opt-out.
replyIt's necessary that the defaults are secure. More so, not less, if the problem is hard.
That describes pretty much every server I've ever written lol.
reply