- Local time
- Oct 5, 2019
I feel dumb right now.
Is there any reliable way to verify the origin domain of an ajax request? 🤔
referer header isn't reliable - so is there any way? Public credentials without domain verification are useless.
I really feel dumb. 🙈💩