This Fixes CORS

Рет қаралды 5,392

Colby Fayock

Күн бұрын

Пікірлер: 24

@colbyfayock 3 ай бұрын

Learn how to build a full stack Next.js app in my upcoming course: colbyfayock.com/course

@AndrewJot-z9l Ай бұрын

By far the best video that really explains CORS and how to overcome it!

@colbyfayock 29 күн бұрын

🙇‍♂️

@LeHarT99 5 ай бұрын

Bro you just saved me, THANK YOU!. Suscribed and liked this video

@colbyfayock 5 ай бұрын

happy to hear that! 🙌 and thanks for the sub 😁

@nemeziz_prime 5 ай бұрын

Amazing video as usual! Keep going 💪🏻

@colbyfayock 5 ай бұрын

thank you!!

@notrab 5 ай бұрын

Nice video @colbyfayock! Another workaround I've been trying lately (but need to measure bandwidth usage) is by adding a `rewrites` option to my Next.js config. The source would be the path I want to post to (could be your API), then the destination the original. I've been using it for file uploads, so this could get expensive $$$$

@colbyfayock 5 ай бұрын

ohhh thats interesting! i never thought about rewrites from a billing perspective, is that measured in bandwidth?

@bandekhoda7801 4 ай бұрын

Wait a minute isn't this a huge security issue in the browsers, that I can easily fetch from a website I just opened up and have that website URL as my origin? Does the IP also point to that website I'm fetching from (in the console) or is it my IP? Is the website allowed to not let people fetch using it's origin?

@colbyfayock 4 ай бұрын

i dont know that i completely follow your question, but: - yes you can theoretically go to your browser's console and create a same-site origin request to the website you're on - there are extra security guards that you can place, that larger websites often place, to prevent someone from abusing that, such as authentication, rate limiting, DDOS prevention, etc - im not sure what you mean by the IP question - by default, without CORS headers, you can not fetch from a website from another origin, this video shows how to do that in a way that you're not allowing ALL websites to make those requests, but only the ones that you choose

@LearnAlongFaizan 4 ай бұрын

Great video, Please make complete tutorial on authjs v5, rolebased, customer cookie, client side validations

@colbyfayock 4 ай бұрын

thanks for the idea!

@LearnAlongFaizan 4 ай бұрын

@@colbyfayock I hope so you've started making the video, because I've turned on your notification.

@colbyfayock 5 ай бұрын

Get fresh tutorials and other free content straight to your inbox! colbyfayock.com/news

@colbyfayock 5 ай бұрын

@CricMaster-oo6uf hey thanks for the idea, will keep it in mind!

@nitinmungilwar659 5 ай бұрын

Great Colby 👍

@colbyfayock 5 ай бұрын

thanks! 🙌

@v1d300 5 ай бұрын

So I never needed the cors npm package?

@colbyfayock 5 ай бұрын

this is my first time seeing the cors package, but it looks like it's still a great and easy way to configure CORS specifically in an Express app, where im not sure that this would work inside of a serverless function? but if you wanted to avoid using CORS, you could use this technique to configure the headers yourself, which is partially what the package does