|
|
|
|
|
|
by kyledrake
3496 days ago
|
|
|
> You can signup, and start making CORS calls from your neocities pages to a sqlite database on my service. If I'm understanding what you're trying to do, this isn't on our end. Neocities currently doesn't prevent sites from making API calls to other servers - that's on your HTTP server's side, you control that. Occasionally I get requests to allow HTML hosted on Neocities to make API calls directly to Neocities itself - which would be OK for things like basic stats lookup, but for things like file uploading/deleting/editing this is dangerous, because it would allow attackers to write scripts to hack people's accounts that can be executed by their own browsers. This is called a CSRF attack, and that's why we prevent people from doing that. |
|
|