Hacker News
by lstamour 2218 days ago
It might not be localhost or a local IP if users use a different hostname, common for some environments, at which point it would have to be configurable. But yes, that could also work, if all browsers send Origin headers as expected.
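An added example, not part of the comment above: one way a locally running service could validate the `Origin` header with a configurable hostname list and an explicit policy for requests that arrive without the header. The function name, parameters and sample hostnames are hypothetical, and treating "local IP" as loopback or private-range addresses is an assumption.

```python
import ipaddress
from urllib.parse import urlsplit


def origin_allowed(origin, extra_hosts=(), allow_missing=False):
    """Return True if an Origin header value names a local or configured host.

    origin        -- raw header value, or None when the header is absent
    extra_hosts   -- operator-configured hostnames (hypothetical setting)
    allow_missing -- policy for requests that carry no Origin header
    """
    # Not every request carries Origin, so the caller must pick a policy.
    if origin is None:
        return allow_missing
    # "null" is sent for opaque origins (sandboxed iframes, file:// pages).
    if origin == "null":
        return False
    try:
        parts = urlsplit(origin)
    except ValueError:
        return False  # malformed value, e.g. an unterminated IPv6 literal
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    # An origin is scheme://host[:port] only; reject anything carrying more.
    if parts.path or parts.query or parts.fragment or parts.username:
        return False
    host = parts.hostname.lower().rstrip(".")
    # Exact match only, so "localhost.evil.example" does not pass.
    if host == "localhost" or host in {h.lower() for h in extra_hosts}:
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a hostname that is neither localhost nor configured
    # Assumption: "local IP" means loopback or a private-range address.
    return ip.is_loopback or ip.is_private


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    samples = [
        "http://localhost:8080",
        "http://[::1]:8080",
        "http://192.168.1.20",
        "https://localhost.evil.example",
        "https://devbox.corp.example",
        "null",
        None,
    ]
    for value in samples:
        print(value, origin_allowed(value, extra_hosts=["devbox.corp.example"]))
```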