{"html_url": "https://github.com/simonw/datasette/issues/75#issuecomment-344000982", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/75", "id": 344000982, "node_id": "MDEyOklzc3VlQ29tbWVudDM0NDAwMDk4Mg==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2017-11-13T17:50:27Z", "updated_at": "2017-11-13T17:50:27Z", "author_association": "OWNER", "body": "This is necessary because one of the fun things to do with this tool is run it locally, e.g.:\r\n\r\n     datasette ~/Library/Application\\ Support/Google/Chrome/Default/History -p 8003\r\n\r\nBUT... if we enable CORS by default, an evil site could try sniffing for localhost:8003 and attempt to steal data.\r\n\r\nSo we'll enable the CORS headers only if `--cors` is provided to the command, and then use that command in the default Dockerfile.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 273509159, "label": "Add --cors argument to serve"}, "performed_via_github_app": null}