>
hello
About
Blog
Testimonials
cross-origin resource sharing
2023
A smorgasbord of a bug chain: postMessage, JSONP, WAF bypass, DOM-based XSS, CORS, CSRF...
May 5
Fearless CORS: a design philosophy for CORS middleware libraries (and a Go implementation)
Feb 8
2022
Scraping the bottom of the CORS barrel (part 1)
Aug 4