I remember there being a CORS problem in a team project.
Perhaps I should ask the webdev at the time whether they had made that thing with AI or they really just made the whole thing themselves and somehow overlooked CORS.
CORS has always been a problem. I keep having to remind the backend team to send proper headers. They say it works in curl so why not in the browser. It’s not very intuitive.
Hehe yeah, security in general has been an afterthought in the computing space.
And it makes sense. You first make something possible, then restrict it for whatever cases you don’t want it happening. The latter is supposed to be easier.
I remember there being a CORS problem in a team project.
Perhaps I should ask the webdev at the time whether they had made that thing with AI or they really just made the whole thing themselves and somehow overlooked CORS.
CORS has always been a problem. I keep having to remind the backend team to send proper headers. They say it works in curl so why not in the browser. It’s not very intuitive.
When I was learning, CORS was a pain in my ass. It’s not taught well, and often glossed over.
So I guess AI and hence, vibe coders are having the same problems as normal programmers.
Cors was usually not part of any tutorials. To new people it was more of an afterthought, just set policy to get you page to work.
Hehe yeah, security in general has been an afterthought in the computing space.
And it makes sense. You first make something possible, then restrict it for whatever cases you don’t want it happening. The latter is supposed to be easier.