CITguy
commented
9 years ago This would require a user setting (and ui to manage) to manage acceptable origins for CORs functionality.
This may relate to #7 as pile-specific CORs settings.
Open CITguy opened 9 years ago
CITguy
commented
9 years ago This would require a user setting (and ui to manage) to manage acceptable origins for CORs functionality.
This may relate to #7 as pile-specific CORs settings.
CITguy
commented
9 years ago System CORS <- Pile CORS <- Scrap CORS
Currently,
Access-Control-Allow-Originis set to'*'to allow scrap access from any origin.The scrap owner should have access to modify this value to provide fine-grained control of which domain/origin has access to a specific scrap.