Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
dc65k2020-12-22 10:49:54
CORS
dc65k, 2020-12-22 10:49:54

Why doesn't the CORS policy block requests for third-party resources (domains) when uploading media files?

Hello. Tell me why, if the DOM tree has links, for example, the img tag to third-party resources where images are stored, then CORS does not block such requests?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
Y
Yuriy Vorobyov, 2020-12-22
@dc65k

It just doesn't ask for origin permissions by default , but you can set the crossorigin attribute to change this behavior. <img>, <script>, stylesheet <link>, и <iframe>

Report
O
OCTAGRAM, 2021-01-13
@OCTAGRAM

CORS does not block what was allowed before, CORS allows what was previously not allowed. It was possible to read media files before.

Similar questions
Q
QFCFC2019-04-17 23:01:24
Why isn't the Set-Cookie header coming? 2Reply
M
mpotemkin2014-12-02 06:50:52
AngularJS + $httpProvider + CORS - what's wrong? 2Reply
V
vaflya2019-05-12 21:27:06
How to bypass CORB in Chrome 74 extension? 1Reply
J
JordanBelford2021-01-25 06:28:50
What headers need to be sent in order for the put and delete methods to work? 1Reply
H
hillrider2019-05-31 11:47:16
How to solve CORS blocking issue? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question