Android app and Web clients having one backend
i want to have flutter android and typescript react clients to talk with backend, should I use only one , because it means I need to allow all headers for CORS and turn of CSRF for android app, what would be advise?
2 Replies
You don't need to allow all for CORS
The Android app doesn't use a browser window so CORS doesn't matter
And the React client will be hosted on a specific domain, I'd assume
So just allow that domain in CORS
Turning off CSRF, sure
Thanks