zlacker
[parent]
[thread]
1 comments
1. wnevet+(OP)
[view]
[source]
2018-09-19 15:02:52
> like sending requests as JSON requires an extra (pre-flight) request, so in my script I use the "text/plain" content type, which does not require an extra request.
what are the security implications of this?
replies(1):
>>cevn+Q6
◧
2. cevn+Q6
[view]
[source]
2018-09-19 15:49:50
>>wnevet+(OP)
He's talking about skipping CORS by using a "plain" request. Avoiding CORS is not a huge security vulnerability afaik.
[go to top]