DEV Community

Discussion on: How to avoid Meltdown, Spectre and CSRF Attacks on Web with CORP, CORB, and CORS?

Collapse
cubiclesocial profile image
cubiclesocial

It's not about ignoring security features in browsers. You are attempting to correlate/associate irrelevant vulnerabilities as being able to be defended against using CORS, etc. That's simply not the case and spreads misinformation.

Thread Thread
obetomuniz profile image
Beto Muniz Author

Not sure what you are meaning about spread misinformation, but for you, CORS can't be used to defend against CSRF attacks? CORP/CORB can't be used against Spectre/Meltdown attacks? I would love to know where you're studying because my references say exactly the opposite.

Thread Thread
obetomuniz profile image
Beto Muniz Author