[IdeaFlowCo/superconnector-backend] Fix CORS vulnerability by restricting API access to legitimate domains (PR #24)
Summary Replace permissive CORS origin: true with domain whitelist Prevents unauthorized domains from accessing APIs that return JWT tokens Tested vulnerability exists: malicious domains can currently
[IdeaFlowCo/superconnector-backend] Fix CORS vulnerability by restricting API access to legitimate domains (PR #24)gmail thread
Summary Replace permissive CORS origin: true with domain whitelist Prevents unauthorized domains from accessing APIs that return JWT tokens Tested vulnerability exists: malicious domains can currently
- Participants
- IdeaFlowCo/superconnector-backend, Subscribed, tejas
- Messages
- 3