Thank you! I get it now! I used to just get frustrated.. now I kind of know what to do and look for. Now I gotta figure out how to configure it for Spring Boot. Thanks!
I am trying to fetch data from an api using react but the api isn't my own so i do not have access to add the cors middleware to it how do I go about that
CORS is complete bullshit. You can't do the request from the browser, but you can use a proxy that calls the request, and call the proxy in the browser. Completely useless. But I understand, that the application can not steel a different session, it could be implemented different tho, imo... Blocking the request completly is dump. Just remove the session.
It's there to prevent malicious websites to able to send requests (that may have auth cookies or sensible data in the cookies) to other websites, pretty much setting a whitelist of domains/IPs that your API can be accessed to prevent being it used on other websites (with potentially bad purposes)
Thank you! I get it now! I used to just get frustrated.. now I kind of know what to do and look for. Now I gotta figure out how to configure it for Spring Boot. Thanks!
I am trying to fetch data from an api using react but the api isn't my own so i do not have access to add the cors middleware to it how do I go about that
Awesome video. luckily I find it. It solved my problem.Thanks.
Great video. Very helpful.
CORS is always something strange for a dev 😝 this content is very helpful 👏🏻
crack!! finally dudeee thanks for putting it this way
Gee that’s nice. Now what do I do about “require is not defined?”
figure it out
CORS is complete bullshit. You can't do the request from the browser, but you can use a proxy that calls the request, and call the proxy in the browser. Completely useless.
But I understand, that the application can not steel a different session, it could be implemented different tho, imo... Blocking the request completly is dump. Just remove the session.
this is one of the best explanation on CORS
I still haven't an answer: What is the point of cors? What is trying to achieve?
To avoid malicious websites sending requests with your authentication cookies from your browser and having access to the response
Sorry, I still hate CORS.
when i started learning there was no thing called cors and when it came i already knew why it is implemented :P
thank you
Why you should too! or you shouldn't?
I was about to ask the same, he only told us how to fix the problems, no the benefits of using it.
It's there to prevent malicious websites to able to send requests (that may have auth cookies or sensible data in the cookies) to other websites, pretty much setting a whitelist of domains/IPs that your API can be accessed to prevent being it used on other websites (with potentially bad purposes)
Every single chime...
I have this as my unsolved problem -_-
lol me too
GoodJob!
👍
you don't need to install CORS... while you can add a simple HTTP header: Access-Control-Allow-Origin :v
This is for Backend.
You don't have Backend access.
This header is send by Backend code in response not in with HTTP request.
@@DhavalAhir10 yep.. I use NodeJs/Express for backend and res.header() to setup vanilla CORS via related headers.. it’s worked without CORS
For everyone who wants to improve the Security Headers on your site
securityheaders.com/