Thank you! I get it now! I used to just get frustrated.. now I kind of know what to do and look for. Now I gotta figure out how to configure it for Spring Boot. Thanks!
CORS is complete bullshit. You can't do the request from the browser, but you can use a proxy that calls the request, and call the proxy in the browser. Completely useless. But I understand, that the application can not steel a different session, it could be implemented different tho, imo... Blocking the request completly is dump. Just remove the session.
I am trying to fetch data from an api using react but the api isn't my own so i do not have access to add the cors middleware to it how do I go about that
It's there to prevent malicious websites to able to send requests (that may have auth cookies or sensible data in the cookies) to other websites, pretty much setting a whitelist of domains/IPs that your API can be accessed to prevent being it used on other websites (with potentially bad purposes)
Thank you! I get it now! I used to just get frustrated.. now I kind of know what to do and look for. Now I gotta figure out how to configure it for Spring Boot. Thanks!
CORS is always something strange for a dev 😝 this content is very helpful 👏🏻
Sorry, I still hate CORS.
this is one of the best explanation on CORS
CORS is complete bullshit. You can't do the request from the browser, but you can use a proxy that calls the request, and call the proxy in the browser. Completely useless.
But I understand, that the application can not steel a different session, it could be implemented different tho, imo... Blocking the request completly is dump. Just remove the session.
when i started learning there was no thing called cors and when it came i already knew why it is implemented :P
crack!! finally dudeee thanks for putting it this way
I am trying to fetch data from an api using react but the api isn't my own so i do not have access to add the cors middleware to it how do I go about that
Gee that’s nice. Now what do I do about “require is not defined?”
figure it out
I still haven't an answer: What is the point of cors? What is trying to achieve?
To avoid malicious websites sending requests with your authentication cookies from your browser and having access to the response
Great video. Very helpful.
Awesome video. luckily I find it. It solved my problem.Thanks.
👍
thank you
GoodJob!
I have this as my unsolved problem -_-
lol me too
Why you should too! or you shouldn't?
I was about to ask the same, he only told us how to fix the problems, no the benefits of using it.
It's there to prevent malicious websites to able to send requests (that may have auth cookies or sensible data in the cookies) to other websites, pretty much setting a whitelist of domains/IPs that your API can be accessed to prevent being it used on other websites (with potentially bad purposes)
Every single chime...
you don't need to install CORS... while you can add a simple HTTP header: Access-Control-Allow-Origin :v
This is for Backend.
You don't have Backend access.
This header is send by Backend code in response not in with HTTP request.
@@DhavalAhir10 yep.. I use NodeJs/Express for backend and res.header() to setup vanilla CORS via related headers.. it’s worked without CORS
For everyone who wants to improve the Security Headers on your site
securityheaders.com/