I am a career game developer, and more recently have gotten heavy into web development. I've never really understood what CORS errors are (case in point: until this video, I understood it to be something the SERVER was enforcing/allowing). A lot of other tutorial/instructional videos just gloss it over with a brief mention like "...if you get a CORS error, just fix it by doing do blah blah blah...". This is the first actual explanation I've seen of what/why it exists and how the process works. I think there's a lot more for me to understand, but I will hit the MDN for more details. Thank you for this video. This is good stuff.
Please don’t stop producing these videos and the short videos I enjoy every single one of them and i always learn something new with each video Thank you for sharing your knowledge with us
Recently I faced a problem involving a CORS error in the front end. What I've done to solve it was create an API in the nodejs nextjs environment, mask the endpoint and then consume it from the front-end. it worked :))
I love how you just always dive straight into the video, it makes us feel more engaged, instead of other youtubers that have a 2 minute intro and then a 3 minute sponsor lmao.
Great work, I got a bit confused/surprised about getting CORS error but POST to the API, so even with that someone can spam your database or do other malicious thing?
CORS is meant for browser only, it doesn't prevent dev tools like Postman or curl from making the request. So yes, protect your endpoint with access control (if it's private). Otherwise, at least rate limit it, and maybe even geolock it if you want to restrict other countries from accessing.
I got a CORS error for a whole week - turns out it was my browser which was causing it. (Was using the Arc browser). Opened chrome and the CORS error went away 😅
@@ShivamJha00 Depends. If your target audience has a significant portion of users on the Arc browser, absolutely you'd want to fix it. Realistically though, Arc is extremely new with an extremely small userbase, meaning it's probably not worth the time investment. Additionally, as it's (probably) a browser bug, you could spend time working around the bug, only for Arc to release an update tomorrow that fixes it, meaning you just spent valuable development time fixing, essentially, nothing. Browser support is a balance of 1) How severe is the problem, 2) How many users does it affect, and 3) Is it a problem with your site, or the browser itself. For larger browsers, sometimes it's worth working around the bug, even if you know a fix is coming soon. For Arc? Ehh... Probably not, imo.
I am a career game developer, and more recently have gotten heavy into web development. I've never really understood what CORS errors are (case in point: until this video, I understood it to be something the SERVER was enforcing/allowing). A lot of other tutorial/instructional videos just gloss it over with a brief mention like "...if you get a CORS error, just fix it by doing do blah blah blah...". This is the first actual explanation I've seen of what/why it exists and how the process works. I think there's a lot more for me to understand, but I will hit the MDN for more details. Thank you for this video. This is good stuff.
Please don’t stop producing these videos and the short videos
I enjoy every single one of them and i always learn something new with each video
Thank you for sharing your knowledge with us
Recently I faced a problem involving a CORS error in the front end. What I've done to solve it was create an API in the nodejs nextjs environment, mask the endpoint and then consume it from the front-end. it worked :))
I love how you just always dive straight into the video, it makes us feel more engaged, instead of other youtubers that have a 2 minute intro and then a 3 minute sponsor lmao.
Perfectly explained. Thank you!!
I think it's a good introduction to online security, Web Dev Junkie 👌.
Thanks for the video 🍉😉👍!
would you go over proxies in vite.config and package.json?
Good job babe!!!
I've had dreams about cors errors and not being able to solve them.. this video hopefully quells such nightmares
Great work, I got a bit confused/surprised about getting CORS error but POST to the API, so even with that someone can spam your database or do other malicious thing?
Yeah, anyone can load up curl and spam your database 24/7. You’d need to add in a rate limiter or ip blocker to help prevent that
CORS is meant for browser only, it doesn't prevent dev tools like Postman or curl from making the request. So yes, protect your endpoint with access control (if it's private). Otherwise, at least rate limit it, and maybe even geolock it if you want to restrict other countries from accessing.
This was very helpfu
Hey man, great video, what is the name of the extension that replaces single quotes to double quotes 😂??
I got a CORS error for a whole week - turns out it was my browser which was causing it. (Was using the Arc browser). Opened chrome and the CORS error went away 😅
You would still wanna fix that, no?
@@ShivamJha00 Depends. If your target audience has a significant portion of users on the Arc browser, absolutely you'd want to fix it. Realistically though, Arc is extremely new with an extremely small userbase, meaning it's probably not worth the time investment. Additionally, as it's (probably) a browser bug, you could spend time working around the bug, only for Arc to release an update tomorrow that fixes it, meaning you just spent valuable development time fixing, essentially, nothing. Browser support is a balance of 1) How severe is the problem, 2) How many users does it affect, and 3) Is it a problem with your site, or the browser itself. For larger browsers, sometimes it's worth working around the bug, even if you know a fix is coming soon. For Arc? Ehh... Probably not, imo.
i hate cors more than it's useful to me
if you put "gg" inside console.log it means there is the possibility that you are a gamer.