cors   2104

« earlier    

Cross-Origin Resource Sharing (CORS) - HTTP | MDN
Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell a browser to let a web application running at one origin (domain) have permission to access selected resources from a server at a different origin. A web application executes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, and port) than its own origin.
http  security  web  cors 
7 days ago by dcrall
[Full Stack] Deploy a React+Express+SQL on Apache with port 80 and no root? : AskProgramming
My question is, is it possible to statically host my React instance through Apache, and have it contact the Express instance without opening a port for Express? What modification to the React fetch calls do I need to make? (I could contact the server admins and see about opening a port for it, but that requires a lot of bureaucracy and I'd need specific justifications for it)
react  apache  deployment  server  cors  fetch 
7 days ago by hrmJ
Cross-Origin Resource Sharing (CORS) - HTTP | MDN
Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell a browser to let a web application running at one origin (domain) have permission to access selected resources from a server at a different origin.
authentication  cors  security  http 
12 days ago by jwalsh
ASP.NET Web API - CORS Support in ASP.NET Web API 2
FWIW this is dated 2013.

The text under "Debugging CORS" seems very important to me as that material has not been seen by me elsewhere, in particular under the heading "Server Side".
asp.net  tasdrsdcl  cors 
27 days ago by shearichard
I can see your local web servers
If you see any results like localhost:3000 is available!, you should secure whatever you have running on that port, because all websites you visit have access to it - including the page you’re reading! It is not sufficient security to only bind to 127.0.0.1 (the “loopback interface”), because there are untrusted programs running on your machine right now that have access to the loopback interface. Those untrusted programs are web pages!

The mistake is easily made. Here’s an example vulnerable app, using Express, a popular web framework:

const express = require('express');
const cors = require('cors');
const app = express();
app.use(cors());
app.get('/', (req, res) =>
res.send('My personal admin site'));
app.listen(3000);

To make things worse, many servers bind to 0.0.0.0, meaning the server is available from anywhere that can reach the machine.
security  cors  localhost 
27 days ago by hellsten
What is CORS? Complete Tutorial on Cross-Origin Resource Sharing
Learn about Cross-Origin Resource Sharing. How does it protect you? How to enable it in applications? Tutorial on modifying existing applications to support CORS.
cors  cross-origin  web  webdev  tutorials  resources 
27 days ago by lenards
rs/cors: Go net/http configurable handler to handle CORS requests
Go net/http configurable handler to handle CORS requests - rs/cors
golang  cors 
29 days ago by geetarista

« earlier    

related tags

%stack_overflow  ajax  angular  apache  api  apis  apollo  apolloserver  asp.net  aspnetcore  authentication  authorization  aws  axios  bookmarked_on_site  bootstrap  browser.extensions  browser  browsers  c#  cache  cdn  chrome  cross-origin  crossorigin  cryptography  csrf  curl  data  deployment  dev  development  django  documentation  elixir  error  event  express  fetch  firefox  forward  get  golang  graphql  handling  hash  headers  howto  html  html5  htmldriven  http  iframe  iis  ionic  ios  java  javacript  javascript  jaxrs  js  jscript  json  jwt  lambda  laravel  library  localhost  lumen  message  mitmproxy  native  network  networking  networks  nginx  node  npm  oauth  opensource  options  origin  origin_policy  packages  packer  php  policy  preflight  programming  prototype  proxy  rails  react  reference  resources  rest  sam  sameorigin  security  server  serverless  servers  session  sha  signup  single-page-apps  software  sop  spring  tasdrsdcl  troubleshooting  tutorial  tutorials  web  web_dev  webapi  webdesign  webdev  window  x-frame  xhr 

Copy this bookmark:



description:


tags: