It enables CORS requests from any website to any domain making you vulnerable to CSRF and session hijacking. CORS is enabled on browsers because its a security standard.
Hahahaha @rsa
is right. That extension is meant for developing purposes, meaning I'm not going to have it turned on everytime for the reasons you mentioned.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
It enables CORS requests from any website to any domain making you vulnerable to CSRF and session hijacking. CORS is enabled on browsers because its a security standard.
Hahahaha @rsa is right. That extension is meant for developing purposes, meaning I'm not going to have it turned on everytime for the reasons you mentioned.