Hacker News

The mistake was putting CORS on the server side. It should have been part of the browser. "Facebook.com wants to access foo.example.com: y/n?"

But then we would have had to educate users, and ad peddlers would have lost revenue.


