204
Alexandrite is a Beautiful Web Frontend for Lemmy (wedistribute.org)
submitted 11 months ago by hedge@beehaw.org to c/technology@beehaw.org
53 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] curiousgoo@beehaw.org 8 points 11 months ago* (last edited 11 months ago)

I see, but how is this different in a phone app? Wouldn't the request still be made to a backend?

[-] AnarchoYeasty@beehaw.org 5 points 11 months ago

1.) Turns out this is no longer true because the cors issue is fixed as of two weeks ago.

But to answer your question:

Well that's the really silly part about it. You see, the way CORS works is that it only works if the client making the request implements cors. In this case when I say client I'm talking about your web browser itself. Native applications, or hitting an API directly via network calls, don't implement cors and thus you can make the calls all you want and the server responds. So even when cors was configured to only allow requests from the correct domain it only affected people with web browsers.

However two weeks ago a PR was merged into the Lemmy source code setting the cors to by default allow requests from anyone instead of a specific domain.

this post was submitted on 21 Jul 2023
204 points (100.0% liked)

Technology

37208 readers
505 users here now

Rumors, happenings, and innovations in the technology sphere. If it's technological news or discussion of technology, it probably belongs here.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
rs5th@beehaw.org
Los@beehaw.org
coldredlight@beehaw.org
SemioticStandard@beehaw.org
TheRtRevKaiser@kbin.social
remington@beehaw.org