CORS and Programmer Types

There are many types of programmers  – and I would think that I can give an example about how they think differently. 

My example will be with CORS  – that means, accepting requests  from other site(s) . In ASP.NET  , there is a simple way to accept anything ( see tutorial at https://docs.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-5.0 )

.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()

And this will be , usually, enough. But , later on, you want to know WHO calls your API – so you add

.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod().AllowCredentials()

And you think that it is ok – but, at running, an error occurs.

The CORS protocol does not allow specifying a wildcard (any) origin and credentials at the same time. Configure the CORS policy by listing individual origins if credentials needs to be supported.

What do you do  ?  Depending on your answer , you are a different kind of programmer. Think – and read below ( or add to the comments )

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

1. The Search Programmer

This will google/bing  the error and find ( eventually – or not !  ) https://jasonwatmore.com/post/2020/05/20/aspnet-core-api-allow-cors-requests-from-any-origin-and-with-credentials   . He can fall back to 3 type.

2. The DIY /NIH  Programmer

This will study the CORS protocol for many days . Then he will make his code to solve the problem.

3.. The Framework / Documentation  Programmer

This will think – there have to be a way- the people that have made the framework will be better. So he will read all the functions and he will see https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.cors.infrastructure.corspolicybuilder.setisoriginallowed?view=aspnetcore-5.0 .  He can fall back to 1 type if he cannot find an answer.

What kind of programmer are you ? ( I am the 3rd kind )