Discussion on: Understanding CORS

iamandrewluca profile image
Andrew Luca
  • CSRF is Cross-site request forgery
  • CORS is Cross-origin resource sharing

If no one from another origin is able to make requests to your site (CORS disabled),
then CSRF is redundant imo.

Thread Thread
mburszley profile image
Maximilian Burszley

But that's not what CORS does. Re-read the warning in the article.