Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable CORS by default #281

Closed
kumavis opened this issue Feb 1, 2015 · 6 comments
Closed

Disable CORS by default #281

kumavis opened this issue Feb 1, 2015 · 6 comments

Comments

@kumavis
Copy link
Member

kumavis commented Feb 1, 2015

CORS support is necessary to access from the browser. However, it exposes the rpc to any website you visit. This is a security risk.
@tgerring
Copy link
Contributor

Relates to #331

@kumavis kumavis mentioned this issue Feb 25, 2015
Closed
@frozeman
Copy link
Contributor

I agree, when we release, the CORS headers should only allow localhost connections (for development and swarm dapp).

@obscuren
Copy link
Contributor

CORS will be enabled in Mist by default. CORS will be disabled in the CLI by default. The CORS header will be settable through a command line flag

#394

@frozeman
Copy link
Contributor

Though CORS are no real security, as its only enforced by the browser the user uses.

@kumavis
Copy link
Member Author

kumavis commented Feb 26, 2015

@frozeman yes good point

@tgerring
Copy link
Contributor

Superseded by #394

prestonvanloon added a commit to prestonvanloon/go-ethereum that referenced this issue Jul 15, 2018
@prestonvanloon
Update go-ethereum with fix for mac OS builds (ethereum#281)
ec2a663
ngtuna pushed a commit to ngtuna/tomochain that referenced this issue Nov 14, 2018
@nguyenbatam
Merge pull request ethereum#281 from nguyenbatam/fix_error_double_val…
c0584b6 
…idation

fix error double validation : M2 don't validate body,state,.. before verify block
AusIV pushed a commit to NoteGio/go-ethereum that referenced this issue Feb 22, 2021
@ziogaschr
Merge pull request ethereum#281 from etclabscore/feat/ethash-dagdir-help
d804015 
cmd/utils/flags: better help text for `—ethash.dagdir`
maoueh pushed a commit to streamingfast/go-ethereum that referenced this issue May 3, 2022
@wjmelements
bor the default target (ethereum#281)
521b3a7
weiihann pushed a commit to weiihann/go-ethereum that referenced this issue Nov 30, 2023
@gballet
remove StateDB as an extra param to Prepare (ethereum#281)
c30a2cc
maoueh pushed a commit to streamingfast/go-ethereum that referenced this issue Mar 29, 2024
@ganeshvanahalli
Merge pull request ethereum#281 from OffchainLabs/arbitrum-backend-co…
086bfcc 
…mponents

Add components that geth backend has in arbitrum's backend
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@frozeman @tgerring @kumavis @obscuren