Cross-Origin Resource Sharing (CORS) needs to be used without wildcard domain matching, and via authentication (for write access at least, if not read too) (Reddit)

Cross-Origin Resource Sharing (CORS) needs to be used without wildcard domain matching, and via authentication (for write access at least, if not read too) (Reddit)

2016-01-02 23:09

News URL

http://www.reddit.com/r/netsec/comments/3z74d2/crossorigin_resource_sharing_cors_needs_to_be/

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.