Y
Hacker News
new
|
ask
|
show
|
jobs
by
qabqabaca
1355 days ago
> This made it difficult to work with separate hosts (www.my.app vs. api.my.app).
This is still possible with session cookies if you use wildcard origin cookies i.e. *.my.app
1 comments
9dev
1355 days ago
I know, contrived example. Think of www.google.com and googleapis.com. Or CORS issues. There are legitimate problems with cross-origin requests.
link
0x457
1355 days ago
Yeah, those are issues at google's scale. Almost no one who uses them is even at half of google scale.
link