Y
Hacker News
new
|
ask
|
show
|
jobs
by
user5994461
2125 days ago
* is blocked by most browsers to avoid lazy developers putting their site wild open to abuse.
2 comments
411111111111111
2125 days ago
At least Chrome and Firefox don't block it. I've recently used something similar as an add-on until I did exactly what he said: manually setting a cors * header for that internal development server
link
zackify
2120 days ago
Chrome and Firefox do not.
If that’s really the case with your browser.... set it to request.origin, so it’s always valid haha
link