Hacker News new | past | comments | ask | show | jobs | submit login

Usually the same ones who then download plugins like

https://addons.mozilla.org/en-US/firefox/addon/access-contro...

because properly configuring the backend is ¨too complicated¨.

Been there, done that.




You can use the origin announce headers from Firefox to block cors also, unsure if that works with chrome.

But I was referring to legacy code (or those whose SPA is stored on the same domain as API endpoints).




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: