Y
Hacker News
new
|
ask
|
show
|
jobs
by
ssudaraka
3081 days ago
Can someone fake the origin?
2 comments
fimdomeio
3081 days ago
This is controlled on browser level and most (all?) browsers implement this. Origin can be faked by just using anything that can make a http request, like curl. It exists to protect users not the server.
link
askthrowaway
3081 days ago
from browser ? No. from non-browser clients like curl ? Yes. And your server will never be able to tell if it is fake or not
link