- From: Ziyad Parekh <notifications@github.com>
- Date: Fri, 07 Dec 2018 14:58:02 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 7 December 2018 22:58:23 UTC
Sorry if i'm not explaining it correctly. Lets say you load `visa.com` in your browser and it loads up the front-end app. Now the front-end app needs to make a request to (for example) `https://secure.com` which returns `text/html` (to load a secure form for instance) If `https://secure.com` doesnt have the access-control-origin-header set on the response it will be blocked by cors and subsequently corb (right?) My question is, what is the best practice to show the html returned from `https://secure.com` to the user? Should visa.com send a request to visa.com backend which would then request `https://secure.com` server side and then return the html to be shown to the user? Or is there another best practice to achieve this? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/681#issuecomment-445391173
Received on Friday, 7 December 2018 22:58:23 UTC