by Boltgolt 1919 days ago
One word: Compatibility. There are already protections against XSS and CSRF built in, and adding stricter rules would cause sites to break. Do you want to maintain a list of all sites that need cross-origin GET requests to function?