Mixed Content

With mixed content, users will be under the impression that they are on a secure, encrypted connection because they are on an HTTPS-protected site, but the unencrypted elements of the page create vulnerabilities, opening up those users to malicious activity such as unauthorized tracking and man-in-the-middle attacks. The severity of the vulnerability depends on whether the mixed content is passive or active.

Cross-origin resource sharing

When developing applications, a CORS error can be an annoying and workflow-breaking error. While CORS prohibition is primarily designed to protect the end-user, it can often overcomplicate the data flow and cause development headaches. A simple solution to this is to use a CORS proxy.