5 points by mariusbolik 2 days ago | 5 comments
- Just something to note.
Websocket connections don't enforce CORS. So that's another alternative - host all of you APIs via websockets.
- This feels like a bad idea, there's a reason why we have CORS.
- forget @trick-or-treat, I love it.
- What happens when his users expose secrets with this thing and an attacker runs up a huge api bill? Pull the plug on this OP.
- FaaS - Footgun as a Service, I hope he listens to you and takes it down. The liability on his end is potentialy catastrophic.
- [dead]