by rrosen326 2941 days ago
Aha - I think this answers something that has always confused me.

If I create a micro-service and want to protect it, CORS doesn't help me very much. I still need some sort of authentication mechanism (perhaps provided in a cookie) to say, "yes - this request is permitted."

CORS helps protect that authentication mechanism within a browser.

Is that about right?

1 comment

Yup! CORS is meant to protect a service's users, not the service itself. Services should always authenticate/distrust user input/etc; no client-side technology makes that unnecessary.
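
The distinction discussed in this thread, as an added example that is not part of the original comments: a small model of a service and of the browser's CORS read check, showing that a non-browser client is stopped only by authentication, while CORS only decides whether a page's script may read a response in the user's browser. All names, origins and the session value are hypothetical and constructed for the illustration.

```python
# Added illustration: one service plus a model of the browser's CORS read check.
# Every name and value here is hypothetical / constructed for the example.
TRUSTED_ORIGIN = "https://app.example"
SESSIONS = {"s3cr3t-session-id": "alice"}


def serve(headers, require_auth=True):
    """Server side. Returns (status, response_headers, body)."""
    resp = {}
    # CORS only labels the response for browsers; it rejects nothing.
    if headers.get("Origin") == TRUSTED_ORIGIN:
        resp["Access-Control-Allow-Origin"] = TRUSTED_ORIGIN
        resp["Access-Control-Allow-Credentials"] = "true"
        resp["Vary"] = "Origin"
    # Authentication is the only step that can refuse the request.
    session_id = headers.get("Cookie", "").partition("sid=")[2]
    user = SESSIONS.get(session_id)
    if require_auth and user is None:
        return 401, resp, "authentication required"
    return 200, resp, "data for %s" % (user or "anyone")


def browser_lets_script_read(page_origin, resp_headers):
    """Browser side: may a script on page_origin read a credentialed response?"""
    return (resp_headers.get("Access-Control-Allow-Origin") == page_origin
            and resp_headers.get("Access-Control-Allow-Credentials") == "true")


def scenarios():
    out = {}
    # Non-browser client: sends no Origin and ignores CORS entirely.
    out["script_cors_only"] = serve({}, require_auth=False)[0]
    out["script_with_auth"] = serve({})[0]
    # Logged-in user's browser on an unrelated page; assumes the cookie is
    # sent cross-site and the request is "simple" (no preflight).
    cookie = {"Cookie": "sid=s3cr3t-session-id"}
    status, resp, _ = serve({"Origin": "https://other.example", **cookie})
    out["cross_site_status"] = status
    out["cross_site_readable"] = browser_lets_script_read("https://other.example", resp)
    # The service's own front end gets to read the same response.
    status, resp, _ = serve({"Origin": TRUSTED_ORIGIN, **cookie})
    out["trusted_readable"] = browser_lets_script_read(TRUSTED_ORIGIN, resp)
    return out


if __name__ == "__main__":
    for name, value in scenarios().items():
        print(name, "=", value)
```

The cross-site case returns 200 on the server yet is unreadable to the calling page, which is why state-changing endpoints still need their own server-side checks in addition to CORS.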