Outer Web | Explore

Explore >> Select a destination

You are here		juffalow.com Backbone.js and cross domain API \| Matej Jellu?
\|	\|	www.danieldemmel.me Getting Cross-origin resource sharing with complex jQuery AJAX requests	1.4 parsecs away Travel
\|	\|	CORS can be tricky, especially if you need to do something beyond the basics like authorisation or custom headers	1.4 parsecs away Travel
\|	\|	danielms.site Daniel Michaels \| Caddy and CORS	4.6 parsecs away Travel
\|	\|	I build things and drink coffee.	4.6 parsecs away Travel
\|	\|	vanwilgenburg.wordpress.com Writing integration tests for CORS headers (with Karate) \| Jeroen van Wilgenburg's blog	1.9 parsecs away Travel
\|	\|	On many projects CORS headers are configured incorrectly. Usually by putting some wildcards (*) in the config and things 'work'. In this article I will show how to create tests for the correct headers (using Karate, but it should be applicable to any test framework). Introduction CORS stands for Cross-Origin Resource Sharing. And that's pretty...	1.9 parsecs away Travel
\|	\|	mathieu.fenniak.net Is your Web API susceptible to a CSRF exploit? \| Mathieu Fenniak	16.6 parsecs away Travel
\|		Cross-site request forgery (CSRF) is a type of security exploit where a user's web browser is tricked by a third-party site into performing actions on websites that the user is logged into. It is often a difficult attack to pull off, as it requires a number of factors to line up at once. Protecting against it requires good discipline and good design practices, especially when it comes to protecting Web APIs. Here's a brief example of a fictitious CSRF attack against a bank:	16.6 parsecs away Travel