jeena/en.javascript.info
1
0
Fork 0
Code Issues Pull requests Projects Packages Wiki Activity Actions

there must be exactly the origin there.

Browse source
This commit is contained in:
Alejandro Martín Parra 2019-09-01 13:31:56 +02:00 committed by GitHub
parent fa3c9c596a
commit 738e9b12c0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
5-network/05-fetch-crossorigin/article.md
View file

@ -341,7 +341,7 @@ Access-Control-Allow-Origin: https://javascript.info
Access-Control-Allow-Credentials: true
```
Please note: `Access-Control-Allow-Origin` is prohibited from using a star `*` for requests with credentials. Like shown above, the origin must be explicit. That's an additional safety measure, to ensure that the server really knows who it trusts to make such requests.
Please note: `Access-Control-Allow-Origin` is prohibited from using a star `*` for requests with credentials. Like shown above, there must be exactly the origin there. That's an additional safety measure, to ensure that the server really knows who it trusts to make such requests.
## Summary