I remember there being a CORS problem in a team project.
Perhaps I should ask the webdev at the time whether they had made that thing with AI or they really just made the whole thing themselves and somehow overlooked CORS.
Hehe yeah, security in general has been an afterthought in the computing space.
And it makes sense. You first make something possible, then restrict it for whatever cases you don’t want it happening. The latter is supposed to be easier.
CORS has always been a problem. I keep having to remind the backend team to send proper headers. They say it works in curl so why not in the browser. It’s not very intuitive.
I remember there being a CORS problem in a team project.
Perhaps I should ask the webdev at the time whether they had made that thing with AI or they really just made the whole thing themselves and somehow overlooked CORS.
Cors was usually not part of any tutorials. To new people it was more of an afterthought, just set policy to get you page to work.
Hehe yeah, security in general has been an afterthought in the computing space.
And it makes sense. You first make something possible, then restrict it for whatever cases you don’t want it happening. The latter is supposed to be easier.
CORS has always been a problem. I keep having to remind the backend team to send proper headers. They say it works in curl so why not in the browser. It’s not very intuitive.