cross-origin resource sharing

2023

A smorgasbord of a bug chain: postMessage, JSONP, WAF bypass, DOM-based XSS, CORS, CSRF... May 5
Fearless CORS: a design philosophy for CORS middleware libraries (and a Go implementation) Feb 8

2022

Scraping the bottom of the CORS barrel (part 1) Aug 4