Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Add support for CORS headers and pre-flight request #1603
I'm really nervous what the use-case for this is - it sounds like this involves opening the JSON-RPC port to the Internet, and letting websites use it, which to me is a massive attack surface you're potentially opening up.
Generally you'd instead have a wrapping service over the RPC port, which would include input validation, rate limiting (i.e. to defend against DoS attacks), and restrict to expected commands, and that would be where CORS would go.
That's why it's implemented in ABC (and I'm pretty sure like Eth or something else) with a