by mmahemoff 5280 days ago
JSONP should only be used for public web services. Otherwise, any third-party website could make privileged calls.

The BaaS architecture is actually a perfect situation for making privileged calls with CORS, because the server is wholly responsible for the user's identity and permissions.
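
The distinction drawn in the comment above, sketched as an added example that is not part of the original comment: a server-side handler that serves JSONP only for public routes and gates privileged routes on the session plus an exact-match CORS origin allowlist. All names (`ALLOWED_ORIGINS`, `corsHeaders`, `handle`) and the origins are hypothetical, and it assumes the API lives on its own origin, so every browser call carries an `Origin` header.

```javascript
// Added example. ALLOWED_ORIGINS, corsHeaders and handle are hypothetical names.
const ALLOWED_ORIGINS = new Set(["https://app.example.com"]); // constructed allowlist

// CORS headers for a credentialed (privileged) call, or null if the origin is not trusted.
function corsHeaders(origin) {
  if (!origin || !ALLOWED_ORIGINS.has(origin)) return null;
  return {
    "Access-Control-Allow-Origin": origin, // exact value; "*" is rejected with credentials
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin", // stop caches reusing one origin's headers for another
  };
}

const deny = (status) => ({ status, headers: {}, body: "" });

// route: { public, data }   req: { origin, callback, hasSession }
function handle(route, req) {
  const json = JSON.stringify(route.data);
  if (req.callback !== undefined) {
    // JSONP is a <script> include: a page on any site can trigger it with the
    // user's cookies, and the response runs in that page. Serve public data only.
    if (!route.public) return deny(403);
    if (!/^[A-Za-z_$][\w$]*$/.test(req.callback)) return deny(400);
    return {
      status: 200,
      headers: { "Content-Type": "application/javascript" },
      body: `${req.callback}(${json});`,
    };
  }
  if (route.public) {
    return { status: 200, headers: { "Access-Control-Allow-Origin": "*" }, body: json };
  }
  // Privileged route: the server decides, from the session and the Origin header.
  const headers = corsHeaders(req.origin);
  if (!headers || !req.hasSession) return deny(403);
  return { status: 200, headers, body: json };
}
```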