vinlee19 opened a new pull request, #25107: URL: https://github.com/apache/doris/pull/25107
## Proposed changes 1. creating this cookie without the "secure" flag 2. enabling CORS is safeļ¼The Access-Control-Allow-Origin header should be set only for a trusted origin and for specific resources. Thus, you can set `access_control_allowed_origin_domain="trustedwebsite.com"`. By default, any domain name is allowed cross-domain access,`access_control_allowed_origin_domain = "*"` <!--Describe your changes.--> ## Further comments If this is a relatively large or complex change, kick off the discussion at [d...@doris.apache.org](mailto:d...@doris.apache.org) by explaining why you chose the solution you did and what alternatives you considered, etc... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org For additional commands, e-mail: commits-h...@doris.apache.org
