This is often a source of confusion for newcomers because it’s not immediately apparent what CORS<\/abbr> is supposed to achieve. Firstly CORS is not a security measure in itself, it’s actually the opposite: CORS<\/abbr> is a way to circumvent the “Same Origin Policy” which is the security measure preventing you from making [AJAX] requests to a different domain.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"It’s sorta sad by funny that that big Zoom vulnerability thing was ultimately related to web technology and not really the app itself. There is this idea of custom protocols or “URL schemes.” So, like gittower:\/\/ or dropbox:\/\/ or whatever. A native app can register them, then URLs that hit them get passed to the […]<\/p>\n","protected":false},"author":3,"featured_media":293131,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"sig_custom_text":"","sig_image_type":"featured-image","sig_custom_image":0,"sig_is_disabled":false,"inline_featured_image":false,"c2c_always_allow_admin_comments":false,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":[]},"categories":[4],"tags":[3292,779,1334],"jetpack_publicize_connections":[],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/css-tricks.com\/wp-content\/uploads\/2019\/07\/zoom-logo-pattern.png?fit=1200%2C600&ssl=1","jetpack-related-posts":[{"id":356088,"url":"https:\/\/css-tricks.com\/why-would-a-business-push-a-native-app-over-a-website\/","url_meta":{"origin":293102,"position":0},"title":"Why would a business push a native app over a website?","date":"December 10, 2021","format":false,"excerpt":"I wanted to write down what I think the reasons are here in December of 2021 so that we might revisit it from time to time in the future and see if these reasons are still relevant. I'm a web guy myself, so I'm interested in seeing how the web\u2026","rel":"","context":"In "Article"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/css-tricks.com\/wp-content\/uploads\/2021\/12\/phone-to-web.jpg?fit=1200%2C600&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":350690,"url":"https:\/\/css-tricks.com\/application-specific-links\/","url_meta":{"origin":293102,"position":1},"title":"Application-Specific Links","date":"August 31, 2021","format":false,"excerpt":"You know like https:? That's a URL Scheme. You're probably familiar with the concept, thanks to others that come up in front-end development, like mailto:. You can actually make your own, which is pretty cool. There are a lot of them. I find that custom URL schemes come up the\u2026","rel":"","context":"In "Article"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/css-tricks.com\/wp-content\/uploads\/2021\/08\/Screen-Shot-2021-08-25-at-12.08.18-PM.png?fit=1200%2C841&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":20203,"url":"https:\/\/css-tricks.com\/w3conf-brad-hill-html5-security-realities\/","url_meta":{"origin":293102,"position":2},"title":"[W3Conf] Brad Hill: “HTML5 Security Realities”","date":"February 22, 2013","format":false,"excerpt":"Brad Hill (@hillbrad) works at PayPal work works with the W3C on security issues. These are my notes from his presentation at W3Conf in San Francisco as part of this live blog series. You can't read anything about security without huge hyperbole about HTML security. Is it correct? Brad says\u2026","rel":"","context":"In "Article"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":352907,"url":"https:\/\/css-tricks.com\/those-get-the-app-banners\/","url_meta":{"origin":293102,"position":3},"title":"Those “Get The App” Banners","date":"October 11, 2021","format":false,"excerpt":"Why would a company promote a native app over their perfectly usable website?We\u2019d have to ask them, I suppose. But it\u2019s hard not to see this push to native as a matter of priorities: that these companies consider native applications worthy of their limited time, resources, and money. They\u2019re a\u2026","rel":"","context":"In "Article"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/css-tricks.com\/wp-content\/uploads\/2021\/09\/app-banners.png?fit=1200%2C600&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":340759,"url":"https:\/\/css-tricks.com\/what-i-learned-building-a-word-game-app-with-nuxt-on-google-play\/","url_meta":{"origin":293102,"position":4},"title":"What I Learned Building a Word Game App With Nuxt on Google Play","date":"May 25, 2021","format":false,"excerpt":"I fell in love with coding the moment I created my first CSS :hover effect. Years later, that initial bite into interactivity on the web led me to a new goal: making a game. Table of contentsWhat\u2019s the game (and what\u2019s that name)?Choosing NuxtAchieving native app feel with the webVibration\u2026","rel":"","context":"In "Article"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/css-tricks.com\/wp-content\/uploads\/2021\/05\/quina-app.png?fit=1200%2C600&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":338606,"url":"https:\/\/css-tricks.com\/still-hoping-for-better-native-page-transitions\/","url_meta":{"origin":293102,"position":5},"title":"Still Hoping for Better Native Page Transitions","date":"April 21, 2021","format":false,"excerpt":"It would be nice to be able to animate the transition between pages if we want to on the web without resorting to hacks or full-blown architecture choices to achieve it. I could imagine an API that would run stuff, perhaps integrating with WAAPI, before the page is unloaded, and\u2026","rel":"","context":"In "Article"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/css-tricks.com\/wp-content\/uploads\/2014\/08\/js-ecc9543f.gif?fit=975%2C670&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]}],"featured_media_src_url":"https:\/\/i0.wp.com\/css-tricks.com\/wp-content\/uploads\/2019\/07\/zoom-logo-pattern.png?fit=1024%2C512&ssl=1","_links":{"self":[{"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/posts\/293102"}],"collection":[{"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/comments?post=293102"}],"version-history":[{"count":4,"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/posts\/293102\/revisions"}],"predecessor-version":[{"id":293130,"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/posts\/293102\/revisions\/293130"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/media\/293131"}],"wp:attachment":[{"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/media?parent=293102"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/categories?post=293102"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/css-tricks.com\/wp-json\/wp\/v2\/tags?post=293102"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}