Meet Patel
Reputation: 26
What does the following block of code do, and do I need it?
I have really sensitive information, keep in mind. What does this do and why do i need it, if i even do?
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
res.header("Access-Control-Allow-Headers", "X-Requested-With");
res.header("Access-Control-Allow-Headers", "Content-Type");
res.header("Access-Control-Max-Age", "3600");
next();
});
Upvotes: 0
Views: 33
Answers (1)
Amadan
Reputation: 198314
It is part of access control, saying that whoever wants to use your web page, they can (i.e. it explicitly allows cross-origin requests). Whether you need it or not, is on you to decide. This allows everyone to use your site's resources, which might be the whole point, or it might be a very easy target for coordinated DDoS attack. Or both.
Upvotes: 1
Related Questions
- What does the second line of the code mean?
- Can anyone explain to me what this snippet of code is doing?
- what does these three lines of code do when initializing an express app in Node.js with socket.io?
- What's the purpose of the express.js boilerplate code?
- I can't seem to understand the meaning of this one line of code (JavaScript)
- How to understand this Node.js code snippet?
- Cant understand this Express JS source snippet
- what does this line of code in express.js mean?
- Express: How does this function work?
- Could someone explain what this node.js code means please?