Potential CORS issues with Beaker apps?

Say I write code to pull in a dat resource (like a CSV file). And then I add a search input and display results in this app.

Will I run into issues during the development process with CORS? I get that today all the time with normal web development.

Yep. At this stage, Beaker doesn’t enforce CORS between Hyperdrives, because it would basically run counter to the premise of using the drives as the storage network for applications (just like you describe).

On a security level, have you thought about a manifest file that would basically list out all of the resources that a given app will access? Kinda like how Deno specifies things with --allow-domain

I know there are some basic permissions for beaker apps, right?

Yeah we’re still figuring out exactly how permissions should work. It’ll be underspecced until we understand the ecosystem a little better.

1 Like

Note that Dat support in dat-fox and the Cliqz browser does enforce CORS.