Skip to content

Instantly share code, notes, and snippets.

Avatar
🎯
Focusing

dushujun

🎯
Focusing
View GitHub Profile
@dushujun
dushujun / auth.markdown
Created Aug 19, 2016 — forked from mlynch/auth.markdown
AngularJS Authentication and CORS
View auth.markdown

Single Page Apps are ruling the world and AngularJS is leading the charge. But many of the lessons we learned in the Web 2.0 era no longer apply, and few are as drastically different as authentication.

CORS

CORS is an oft-misunderstood feature of new browsers that is configured by a remote server. CORS stands for Cross-Origin-Resource-Sharing, and was designed to make it possible to access services outside of the current origin (or domain) of the current page.

Like many browser features, CORS works because we all agree that it works. So all major browsers like Chrome, Firefox, and IE support and enforce it. By using these browsers, you benefit from the security of CORS.

That means certain browsers do not enforce it, so it is not relevant there. One large example is a native Web View for things like Cordova and Phonegap. However, these tools often have configuration options for whitelisting domains so you can add some security that way.

@dushujun
dushujun / 0_reuse_code.js
Created Apr 24, 2016
Here are some things you can do with Gists in GistBox.
View 0_reuse_code.js
// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console
You can’t perform that action at this time.