Y
Hacker News
new
|
ask
|
show
|
jobs
by
kevincox
664 days ago
Even with CORS, DNS rebinding may be a concern here. I think HTTPS may prevent that as the cert wouldn't contain the original site but in this setup where you want "no other security" it would probably work.