|
|
|
|
|
|
by TekMol
338 days ago
|
|
|
Nope, it would not have been prevented by CORS. CORS prevents reading from a resource, not from sending the request. If you find that surprising, think about that the JS could also have for example created a form with the vote page as the target and clicked on the submit button. All completely unrelated to CORS. |
|
|
CORS does nothing of the sort. It does the exact opposite – it’s explicitly designed to allow reading a resource, where the SOP would ordinarily deny it.