You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cookies are great, but when used with CORS they require https. This is causing trouble in dev (where we often use CORS without auth), and one may want to run an a secured network without setting up https.
A few options :
optionally disable cookie auth,
switch to jwt, that are generally less secure, but are much easier to use, and less restrictive regarding cors. We can always manually enforce https when we need it, e.g. by optionally refusing to provide a jwt when the connection is not secure.
The text was updated successfully, but these errors were encountered:
Cookies are great, but when used with CORS they require https. This is causing trouble in dev (where we often use CORS without auth), and one may want to run an a secured network without setting up https.
A few options :
The text was updated successfully, but these errors were encountered: