DEV Community

loading...

Discussion on: Why Facebook's api starts with a for loop

Collapse
abhijitparida profile image
Abhijit Parida

Is the API still vulnerable if CORS is disabled?

Collapse
antogarand profile image
Antony Garand Author

No, this has been fixed about 10 years ago in the ECMA specs, no modern browsers are vulnerable to this specific approach.