Jens Bannmann ⁂Dec 12

🎡
Hello, CORSness, my old friend
I've come to talk with you again

As I've experienced repeatedly for years, #CORS (#CrossOriginResourceSharing) is notoriously difficult to understand, reason about and implement. So I should not be surprised to find a problem in #Quarkus related to it, and that it has gone unnoticed for years. #Sigh

I hope the bug report I wrote is clear and actionable: https://github.com/quarkusio/quarkus/issues/51541

I'd like to migrate @ChronoLink to Quarkus, but this bug is a showstopper for that: the obvious workaround - opening up POST/PUT/DELETE to CORS - feels risky.

Speaking of risk: this being a hobby project means there is a real risk I won't find the time or energy to write the reproducer the Quarkus team rightly asks for. Oh well...

#JakartaEE #Java #Programming #IndieDev

CORS filter complains about "wrong" method on same-origin POST request Β· Issue #51541 Β· quarkusio/quarkus

Describe the bug I run a Quarkus application on https://settings.example.com and an associated static web site on https://www.example.com. Here's the CORS config: quarkus.http.cors.enabled=true qua...

GitHub
Lea RosemaMar 12, 2025
Wednesday morning. A usual workday. I would prefer to deal with "the Corrs" with 2 R. But today it's the other CORS, with 1 R, which I have to deal with. #crossOriginResourceSharing. It's mostly on the backend side when it doesn't work, but frontend always gets the ticket about the stuff not working πŸ™ˆ
Tarnkappe.infoJul 25, 2023
πŸ“¬ AnimeDao.to hat illegales Streaming-Portal geschlossen
#Rechtssachen #Streaming #Szene #ACE #animedaoto #bunnycdnnru #CORS #CrossOriginResourceSharing #gogoanime #WatchLegally https://tarnkappe.info/artikel/rechtssachen/animedao-to-hat-illegales-streaming-portal-geschlossen-278901.html
AnimeDao.to hat illegales Streaming-Portal geschlossen

In drei Monaten konnte das illegale Streaming-Portal AnimeDao.to rund 55 Millionen einzelne Besucher aufweisen. Jetzt ist Schluss damit.

Tarnkappe.info
ITSEC NewsJul 29, 2020
OkCupid Security Flaw Threatens Intimate Dater Details - Attackers could exploit various flaws in OkCupid's mobile app and webpage to steal victims' sensit... more: https://threatpost.com/okcupid-security-flaw-threatens-intimate-dater-details/157809/ #crossoriginresourcesharing #vulnerabilities #okcupidsecurity #maliciouscode #mobileappflaw #vulnerability #securityflaw #websecurity #datingapp #okcupid #hack
OkCupid Security Flaw Threatens Intimate Dater Details

Attackers could exploit various flaws in OkCupid's mobile app and webpage to steal victims' sensitive data and even send messages out from their profiles.

Threatpost - English - Global - threatpost.com