Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
PAKA8882yI feel you, every single time it's "it works in postman" (curl and cli in general is too advanced for my seniors)
-
I don’t know what to tell you, but it took me 10-15 hours to figure this out back then. Maybe I was very slow 😅
-
arcioneo7702yActually omitting the origin header with the browser(if possible) is a security threat, a big one bro!!!
And taking CORS lightly can bring your system/page down or even worse, be careful when thinking about this.
You are complaining about the tree, you need to consider the forest
Related Rants
-
paranoidAndroid17Consultant: "you should deploy a website. Use wordpress and have a draft ready in a few days. It's easy." Me:...
-
jodee92911BETA USER: Is this feature working? When I add a link I get an error that says "URL cannot be more than 255 ch...
-
Number09Receives email from warranty guy in work. Warranty: "Hi, see attached scan in PDF form. I normally fill the b...
So, yet another "senior" web developer employed by my contractor who utterly fails to understand CORS.
I mean, easy enough to config their servers to provide the headers. A good and quick buck.
But I swear the level of idiocy I find in so called "seniors" infuriates me. I swear, he didn't even figure out that
A) you can't make the browser omit the Origin header.
(But it works on curl ðŸ˜ðŸ˜ðŸ˜)
B) it's the *server* who must include access-control-allow-origin in the response, not you in the request. Like, what use would that be? I don't even...
😞
I guess if I ever need to hire web devs again my only question during the interview will be "explain CORS to me".
rant
seniors
why?
cors