You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm not sure what the best way to resolve this issue is, but here are some suggestions:
CORS whitelist origins
Manual, tedious, has to be updated for new third-party applications...
CORS whitelist all origins
⚠️ Bypasses the point of CORS...
Host the third-party applications on the same domain as Gondul
Drastically reduces the simplicity of developing against the API
Further thoughts:
Consider whitelisting some other HTTP methods, as well as the Authorization header. GET/HEAD is currently allowed through, but not with Authorization, so only for same-origin requests, where CORS isn't an issue... :D
The text was updated successfully, but these errors were encountered:
Over at https://github.com/sklirg/pocket-gondul I require some CORS changes to be able to work with the Gondul API.
I'm not sure what the best way to resolve this issue is, but here are some suggestions:
Further thoughts:
Consider whitelisting some other HTTP methods, as well as the Authorization header. GET/HEAD is currently allowed through, but not with Authorization, so only for same-origin requests, where CORS isn't an issue... :D
The text was updated successfully, but these errors were encountered: