Hi Ying,
AFAIK, CORS headers are something to do with browser
implementation/support, here is a list of browsers that support this
https://caniuse.com/#feat=cors.
So, to answer your question in short, no, CORS header does not provide
protection over curl.
On Fri, 29 Jun 2018 at 10:31, Ying Chen
Hello -
So, what you are saying is that - this is something that is protected over
web socket, but not thru the HTTP endpoint?
curl just exercises an http call.
Ying
On Mon, Jun 25, 2018 at 9:19 PM, Prabhjyot Singh
wrote:
> Hi Ying,
>
> This config "zeppelin.server.allowed.origins" is to
Hi Ying,
This config "zeppelin.server.allowed.origins" is to do with setting CORS
header, which means this will continue to work over curl, but will get
blocked over any browsers. I've attached a screenshot for reference.
[image: Screenshot from 2018-06-26 09-48-23.png]
Let me know if this hel
