I remember there being a CORS problem in a team project.
Perhaps I should ask the webdev at the time whether they had made that thing with AI or they really just made the whole thing themselves and somehow overlooked CORS.
CORS has always been a problem. I keep having to remind the backend team to send proper headers. They say it works in curl so why not in the browser. It’s not very intuitive.
It could be either way, I haven’t tried “vibe coding” but I imagine you’re right if you don’t tell it to explicitly deal with CORS, AI probably doesn’t
Hehe yeah, security in general has been an afterthought in the computing space.
And it makes sense. You first make something possible, then restrict it for whatever cases you don’t want it happening. The latter is supposed to be easier.
I remember there being a CORS problem in a team project.
Perhaps I should ask the webdev at the time whether they had made that thing with AI or they really just made the whole thing themselves and somehow overlooked CORS.
CORS has always been a problem. I keep having to remind the backend team to send proper headers. They say it works in curl so why not in the browser. It’s not very intuitive.
When I was learning, CORS was a pain in my ass. It’s not taught well, and often glossed over.
So I guess AI and hence, vibe coders are having the same problems as normal programmers.
It could be either way, I haven’t tried “vibe coding” but I imagine you’re right if you don’t tell it to explicitly deal with CORS, AI probably doesn’t
Yeah, I guess the CORS problem would have been fixed by now (by feeding CORS examples codes of course) by at least the dev targetted brands.
Cors was usually not part of any tutorials. To new people it was more of an afterthought, just set policy to get you page to work.
Hehe yeah, security in general has been an afterthought in the computing space.
And it makes sense. You first make something possible, then restrict it for whatever cases you don’t want it happening. The latter is supposed to be easier.