This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:CORS OriginHeaderScrutiny

From OWASP
Revision as of 01:38, 30 May 2018 by Jweiler (talk | contribs) (request for clarification of some statements)

Jump to: navigation, search

what does "protract allowed domain guessing" mean?

I don't understand what this is trying to say - "It's the browser (or others tools) that send the HTTP request then the IP address that we have access to is the client IP address"