You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since we decoupled the frontend from the backend we need to consider CORS headers configs. Running web servers is not my expertise so it would be great to hear peoples general opinions on this when dealing with frontend applications making XMLHttpRequests (or Fetch) directly to a service.
I guess this is also somewhat related to authentication of the app in general but another topic.
So instead of same-origin we could:
Whitelist IPs?
Allow all?
The text was updated successfully, but these errors were encountered:
Since we decoupled the frontend from the backend we need to consider CORS headers configs. Running web servers is not my expertise so it would be great to hear peoples general opinions on this when dealing with frontend applications making XMLHttpRequests (or Fetch) directly to a service.
I guess this is also somewhat related to authentication of the app in general but another topic.
So instead of
same-originwe could:The text was updated successfully, but these errors were encountered: