This is needlessly pedantic, and you know it. The same-origin policy makes lots of things a real pain in the ass, and that there is no escape hatch for those times I know that there are some missing headers on my responses doesn’t make sense.
What OP obviously meant was a way to disable same origin policy checks.
It isn’t anything of the sort. If they think the problem is CORS, they are going to put all their effort into trying to figure out how to disable CORS. This will not help them in the slightest. What they want, in effect, is to have a configuration that is as if CORS is on all the time, which they would never think to do if they think it’s CORS stopping them from doing what they want.
> What OP obviously meant was a way to disable same origin policy checks.
Yes, and they showed absolutely no knowledge of the fact that the SOP even exists. They think it’s CORS doing it. Pointing out this is backwards and pointing out what is actually causing their problem is helpful, not pedantic.
Congratulations on figuring out what I meant by a simple one line frustrating comment I made while I was walking to the toilet where I couldn't be bothered to set up a 2 paragraph explanation of precisely what I was talking about.
What OP obviously meant was a way to disable same origin policy checks.