You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am planning on creating a desktop app with Vue and Electron. This is some kind of a monitoring application that frequently pulls data from an external API. Naturally, when fetching the data using Axios, I am getting blocked by CORS. I know that disabling the webSecurity is not ideal but this is the only way I can successfully pull the data.
I am sending the credentials on each request to retrieve the data because JWT authentication has not been implemented yet.
Question: Is it still safe to proceed with the webSecurity disabled? Very few people would use the app (less than 8) and it would not be distributed to anyone outside of the organization. Also, we only have 1 dedicated account that can pull the data and it is shared to everyone in our team.
This discussion was converted from issue #680 on June 24, 2021 11:32.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi,
I am planning on creating a desktop app with Vue and Electron. This is some kind of a monitoring application that frequently pulls data from an external API. Naturally, when fetching the data using Axios, I am getting blocked by CORS. I know that disabling the
webSecurityis not ideal but this is the only way I can successfully pull the data.I am sending the credentials on each request to retrieve the data because JWT authentication has not been implemented yet.
Question: Is it still safe to proceed with the
webSecuritydisabled? Very few people would use the app (less than 8) and it would not be distributed to anyone outside of the organization. Also, we only have 1 dedicated account that can pull the data and it is shared to everyone in our team.Beta Was this translation helpful? Give feedback.
All reactions