Hacker News new | past | comments | ask | show | jobs | submit login

You're 100% correct, and while someone has pointed out the proper headers that need to be set on the bug report here: https://bugs.chromium.org/p/chromium/issues/detail?id=67743, it's been drowned out by people who don't seem to understand the issue:


CORS is hard, I've struggled on it several times, and I'm not surprised an engineer gave up trying to fix it because of deadlines.

Can confirm, CORS (Origin: ramdomsite.tld to localhost) works just fine in Chrome.

If you have a CORS enable server on localhost you can make requests to it from http://www.test-cors.org

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact