| ▲ | bastawhiz 2 hours ago | |
I think cors can prevent that. You can't make a cross origin request from an origin that isn't allowlisted | ||
| ▲ | inetknght 5 minutes ago | parent [-] | |
You really think a server-controlled CORS list will protect you from a client-side configuration issue? | ||