Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
lurch3513yHard agree, CORS implementation is stupid. I also hate that it makes cross origin requests take two actual request. I know preflight is quick but it's just a waste, especially when you can just throw up your own proxy and now that whole form of "security" is entirely circumvented.
-
It shocks me that so many web fundamentals have been poorly designed when there are lots of capable engineers out there.
The XMLHttpRequest onreadystatechange bullshit.
How fucked CSS was before flexbox.
The way JS sorts arrays of numbers alphabetically.
And the worst one has to be how [] is truthy but [] == true is falsy. Wtf
Related Rants
-
darkm0de16Dear CORS, Fuck you. Sincerely, localhost:8080 connecting to localhost:8000
-
devios15I fucking hate CORS. I mean yeah I get that it's for security and all but fucking COCKSUCKER is it ever fuckin...
-
hack11*Creates a rest api that runs on localhost:8080* *Creates React front end that runs on localhost:3000* *Sends ...
The CORS implementation has made the web overall less secure. It insists on the 99% pain in the ass solution rather than the 98% easy to use solution. So what happens? People work *around* it a lot, and that degrades web security overall.
Had *.mydomain been available as a header value, it would have been fine. Update your CORS headers? Good luck when your users' browsers have a cached copies of the old headers. Instant CORS violations.
devrant
cors