Tobias T–

Get back to Notes nobody reads

Comment Did anyone use Cross…

Did anyone use Cross Origin Requests for something that was not… "authenticated"?

What I found out today:

  • If you use CORS, you cannot authenticate users via Javascript as that is denied
  • You cannot send session cookies as that is denied

How the freak should I authenticate a user without changing the server to a non standard way? Any ideas?

Elsewhere