|
|
|
|
|
|
by kentonv
3075 days ago
|
|
|
No, CORS doesn't apply here. CORS regulates cross-origin requests, but the attack here makes the browser think the requests are same-origin. (Also, CORS can only be used to permit access that would normally be denied. CORS does not offer any way to deny access that is normally permitted.) |
|
|