Open ImTrevorMartin opened 3 weeks ago
We don't really check the origin of requests---especially as we just do a allow whoever cors policy (from what I understand).
Figure out if this is an actual issue (maybe do an attack and write-up!) and fix it if it is.
We don't really check the origin of requests---especially as we just do a allow whoever cors policy (from what I understand).
Figure out if this is an actual issue (maybe do an attack and write-up!) and fix it if it is.