You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@skywalking.apache.org by GitBox <gi...@apache.org> on 2021/03/06 08:04:27 UTC

[GitHub] [skywalking-client-js] Fine0830 removed a comment on pull request #45: add `originAllowlist` option

Fine0830 removed a comment on pull request #45:
URL: https://github.com/apache/skywalking-client-js/pull/45#issuecomment-791892682


   > Let me give you an example. We used an SDK for a local service, and now we can know the origin of the service they provide. However, the SDK may be upgraded and they may change the service address. The situation is out of your control. For example, an SDK in the form of Google Analytics(Just an example, Google Analytics does not use XHR). In addition, adding extra headers can be dangerous when crossing domains. Services (third) that are not processed across domains will not be available. To make the service more manageable, I suggest whitelisting. 吴晟 Wu Sheng <no...@github.com>于2021年3月6日 周六15:07写道：
   > […](#)
   > At least, if you insist you can't, use the regex to do exclusive match. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <[#45 (comment)](https://github.com/apache/skywalking-client-js/pull/45#issuecomment-791887250)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAZ3CNWD6LY4JTS5NXQSPGTTCHID3ANCNFSM4YURSEZQ> .
   
   `
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org