I’m not too studied-up on CORS, but I know what it’s there for. Currently there’s a number of things that are not possible to do because our generator is on a different subdomain than other generators or iframes, etc. etc. and even the top-level page we’re actually on.

With that allowed (I think CORS can allow this), there’s a lot more customisation we can do of things like t2i image iframes and gallery iframes, reading/changing the top-level url, etc. Maybe that’s something you don’t want to allow, but I for one have wanted to do these things for completely benign legit reasons multiple times.

  • @LogicalAIs
    link
    English
    01 month ago

    Hey!

    I’m new to Perchance but I do have over an entire decade of Programming experience. I understand what you’re saying and I also understand what you’re trying to achieve. However, as I’ve not been Programming for like four (4) years now; things have changed, updated and been deprecated since I last done such.

    But, as far as I’ve noticed within the last few years the “Global Browsers” seem to be weaving out or deprecating iframes <iframe></iframe>. So, ultimately— if they have been deprecated as everyone was saying they would be; it may be out of Perchance’s scope of generating those iframes if they’ve been removed from the browsers “compatibilities” or “supported features”.

    However, on the CORS side of your post CORS stands for Cross-Origin Resource Sharing (CORS) which isn’t injectables (there’s a workaround via JavaScript (I’d recommend jQuery) which can “simulate” granted CORS but it’s limited “per Origin” based on their “Strict” limitations). Which means, you can’t Cross-Origin into someone’s Strict Resource Sharing; but if they explicitly “don’t add” or “forget” or “allow” then your jQuery “simulation” should allow you to cross into their CORS.

    The possibility of a successful CORS may be half to less than half depending on the REST Securities those infrastructures may or may not have in place.

    —————————————————————————————

    Breakdown:

    You can try to simulate a CORS relationship with jQuery (or whatever JavaScript “custom” Perchance uses) but it might fail more than succeed —it depends on who you’re implying CORS to, why and how.

    Hope this helps!

    • @wthit56OP
      link
      English
      21 month ago

      Just so you know, iframes are pretty much how all of perchance works. So yeah… they’re fine with iframes 😅

      As for CORS and such, yeah I’m not completely up to speed with it either. Just handing it over to the dev who’s in here too, to figure out how they want to handle such things, if at all. We’ve been discussing various methods without CORS that would still expand the capabilities to do interesting/useful (but safe) stuff.