Disable CORS by default #281
Comments
|
Relates to #331 |
|
I agree, when we release, the CORS headers should only allow localhost connections (for development and swarm dapp). |
|
CORS will be enabled in Mist by default. CORS will be disabled in the CLI by default. The CORS header will be settable through a command line flag |
|
Though CORS are no real security, as its only enforced by the browser the user uses. |
|
@frozeman yes good point |
|
Superseded by #394 |
prestonvanloon
added a commit
to prestonvanloon/go-ethereum
that referenced
this issue
Jul 15, 2018
ngtuna
pushed a commit
to ngtuna/tomochain
that referenced
this issue
Nov 14, 2018
…idation fix error double validation : M2 don't validate body,state,.. before verify block
AusIV
pushed a commit
to NoteGio/go-ethereum
that referenced
this issue
Feb 22, 2021
cmd/utils/flags: better help text for `—ethash.dagdir`
maoueh
pushed a commit
to streamingfast/go-ethereum
that referenced
this issue
May 3, 2022
weiihann
pushed a commit
to weiihann/go-ethereum
that referenced
this issue
Nov 30, 2023
maoueh
pushed a commit
to streamingfast/go-ethereum
that referenced
this issue
Mar 29, 2024
…mponents Add components that geth backend has in arbitrum's backend
jsvisa
pushed a commit
to jsvisa/go-ethereum
that referenced
this issue
Jan 8, 2025
* feat(beacon): introduce soft blocks * feat: update api.go * chore(ci): update CI * feat: update L1Origin * feat: update `verifyHeader` * test: update tests * feat: update consensus * feat: update consensus * feat: update genesis * feat: remove timestamp check in prepareWork * feat: merge changes in ethereum#281 * Update eth/catalyst/api.go Co-authored-by: maskpp <[email protected]> * Update internal/ethapi/taiko_preconf.go Co-authored-by: maskpp <[email protected]> * fix consensus test * revert commit f1df58 * fix consensus test (ethereum#349) * Update eth/catalyst/api.go Co-authored-by: maskpp <[email protected]> * feat: add back timestamp check in worker * add genesis * temp fix for old l1origin * nil value * feat: rename to `L1OriginLegacy` * feat: change `common.Big0` as the default value for legacy l1Origin, to make `IsSoftblock` return `false` * feat(beacon): change the reorg log level (ethereum#350) * use debug log level to avoid logging too many logs when frequently soft block reorg. * use debug log level to avoid logging too many logs when frequently soft block reorg. * feat: check --taiko flag --------- Co-authored-by: David <[email protected]> * add rlp optional flag (ethereum#353) * fix lint * fix test case * feat(l1Origin): remove the reverted l1Origins (ethereum#355) * remove the reverted l1Origins * feat: add more comments --------- Co-authored-by: David <[email protected]> * only forward txs * chore: update ci --------- Co-authored-by: maskpp <[email protected]> Co-authored-by: Jeffery Walsh <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CORS support is necessary to access from the browser. However, it exposes the rpc to any website you visit. This is a security risk.
The text was updated successfully, but these errors were encountered: