DEV Community


Discussion on: Avoiding CORS errors on localhost (in 2020)

andypotts profile image
Andy Potts Author • Edited

Good points, I should have made this more clear in my post.

  1. If you're developing on localhost using APIs you know and trust there are no security risks. If you're browsing the web with CORS disabled you're potentially leaving yourself open to attacks.

  2. Yes, if you're consuming public APIs. The CORS anywhere public demo was supposed to be a quick alternative solution. You might be right about adding a proxy within webpack Dev server, I'll take a look at that as a third option!