ricardocarva / MortiSmart

https://mortismart.netlify.app/
Apache License 2.0

[Security Hotspots] Insecure Configuration - Make sure that enabling CORS is safe #36

Closed ricardocarva closed 11 months ago

ricardocarva commented 11 months ago

In file routes/index.js, line 171

router.get("/learn/stream", ensureAuthenticated, async (req, res) => {
    res.setHeader("Cache-Control", "no-cache");
    res.setHeader("Content-Type", "text/event-stream");
    res.setHeader("Access-Control-Allow-Origin", "*");
    . . .

Feedback: Make sure that enabling CORS is safe here.

More info on: https://sonarcloud.io/project/security_hotspots?id=ricardocarva_MortiSmart&hotspots=AYw2sjN2vs-zeIUQTJiu
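One way to resolve this kind of hotspot on an authenticated event-stream route is to echo back only allowlisted origins instead of `*`. This is an added example, not the project's code and not the change made in #38 (which this page does not show); `ALLOWED_ORIGINS`, `applySseCors` and `recordingRes` are hypothetical names, and the allowlist entries and the cookie-based session are assumptions.

```javascript
// Added example: exact-match origin allowlist for a server-sent-events route.
// Assumption: these are the only front ends that should read the stream.
const ALLOWED_ORIGINS = new Set([
  "https://mortismart.netlify.app", // site URL listed on the page
  "http://localhost:3000",          // assumed local development origin
]);

// Sets the SSE and CORS headers on `res`. Returns false when a cross-origin
// caller is not allowlisted, so the route can answer 403 before streaming.
function applySseCors(req, res, allowlist = ALLOWED_ORIGINS) {
  res.setHeader("Cache-Control", "no-cache");
  res.setHeader("Content-Type", "text/event-stream");
  // The response now depends on Origin; tell any cache in front of the app.
  res.setHeader("Vary", "Origin");

  const origin = req.headers.origin;
  if (origin === undefined) return true; // same-origin or non-browser client: no CORS header needed
  // Exact string match only: no prefix, substring or regex comparison, and
  // the literal "null" origin (sandboxed frames, file://) is never listed.
  if (!allowlist.has(origin)) return false;

  res.setHeader("Access-Control-Allow-Origin", origin);
  // Assumption: the session travels in a cookie, so a cross-origin
  // EventSource must be opened with { withCredentials: true }.
  res.setHeader("Access-Control-Allow-Credentials", "true");
  return true;
}

// Constructed stand-in for an Express response, used only by the demo below.
function recordingRes() {
  return { headers: {}, setHeader(name, value) { this.headers[name] = value; } };
}

// Express wiring (sketch):
//   router.get("/learn/stream", ensureAuthenticated, async (req, res) => {
//     if (!applySseCors(req, res)) return res.status(403).end();
//     ...
//   });
for (const origin of ["https://mortismart.netlify.app", "https://attacker.example", undefined]) {
  const res = recordingRes();
  const ok = applySseCors({ headers: { origin } }, res);
  console.log(origin, ok, res.headers["Access-Control-Allow-Origin"]);
}
```
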

ricardocarva commented 11 months ago

Addressed on #38