That's an interesting find thanks. I was not aware of no-cors mode.
It seems though that a browser would not allow 'non-simple' headers in no-cors mode[0].
Authorization headers for example would not be allowed (if i'm reading correctly). So any API using that header would not be affected by this issue right?
Two old friends riffing off each other about the world.
I've listened all the way through twice and both times have found myself laughing out loud and deep in thought simultaneously.
I look forward to seeing how Eric Weinstein will continue to evolve The Portal in 2021. No doubt he will continue to deliver outstanding content in his own uncompromising style.
It seems though that a browser would not allow 'non-simple' headers in no-cors mode[0].
Authorization headers for example would not be allowed (if i'm reading correctly). So any API using that header would not be affected by this issue right?
[0] https://developer.mozilla.org/en-US/docs/Web/API/Request/mod...