Why don’t browsers’ same-origin policies allow anonymous cross-origin requests?
Generally I’ve read the motivation for browser same-origin policies is to prevent data being obtained by an attacker because of the sending of credentials in a cross-origin request, and that if you’re requesting entirely public data, the b… Continue reading Why don’t browsers’ same-origin policies allow anonymous cross-origin requests?