Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
The question is, how well do you trust your users?
I have made lots of calls to open APIs that don't properly use CORS.
if they had properly locked it down, then I would be required to use their UI instead of automating everything from a script.
Nothing like pulling back 1.5 million records every 15 minutes just to see what the latest changes were (thanks FDA).
Is there any point in using cors without declaring the origin header?
question