Good News Everybody!
The new search engine is LIVE!
Please report any problems to david (at) midrange.com.
|
Security issues scare me. It seems like a really easy place to make oneself look like an idiot.
Here is the scenario: I have a web services service available. It is reachable over the internet (if one is inside the VPN) from a browser line at, say, _http://an.ibm.i/api/dayName/2019-03-15_ and returns:
dayOut "2019-03-15 is a Friday"
which is what I expect and want.
However if I use that link in an index.html on the same desktop I get "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://.../api/dayName/2019-03-15. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
OK. I get it. There is a security issue that is being solved. Good.
So I read about what to do and realize this is way out of my wheelhouse. What have others done?
This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.