coyo

3y

The CORS implementation has made the web overall less secure. It insists on the 99% pain in the ass solution rather than the 98% easy to use solution. So what happens? People work around it a lot, and that degrades web security overall.

Had *.mydomain been available as a header value, it would have been fine. Update your CORS headers? Good luck when your users' browsers have a cached copies of the old headers. Instant CORS violations.

devrant

cors

Ranter

Comments

4

lurch

352

3y

Hard agree, CORS implementation is stupid. I also hate that it makes cross origin requests take two actual request. I know preflight is quick but it's just a waste, especially when you can just throw up your own proxy and now that whole form of "security" is entirely circumvented.
0

ChristoPy

1572

3y

I agree it sucks. But as the time goes by, we have to deal with it, unfortunately
1

PrivateGER

16813

3y

@lurch That's...not what CORS is about. Proxying it is not bypassing it.
1

LiterallyJesus

251

3y

It shocks me that so many web fundamentals have been poorly designed when there are lots of capable engineers out there.

The XMLHttpRequest onreadystatechange bullshit.

How fucked CSS was before flexbox.

The way JS sorts arrays of numbers alphabetically.

And the worst one has to be how [] is truthy but [] == true is falsy. Wtf

Related Rants

devRant © 2021 Hexical Labs LLC
Privacy Policy | Terms of Service