You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As I mentioned here, aiohttp unconditionally adds Accept-Encoding: gzip, deflate header, without adding Referer or Origin, so it triggers myStrom's CORS protection
A workaround is to disable CORS protection on the device, but a better solution would be to add Referer or Origin header to avoid compromising security even more.
This protection was introduced in the following firmware versions:
WS2/WSE/WRS/WLL 3.82.56
WRB 2.59.32
WBP/WBS 2.74.36
The text was updated successfully, but these errors were encountered:
As I mentioned here, aiohttp unconditionally adds
Accept-Encoding: gzip, deflateheader, without addingRefererorOrigin, so it triggers myStrom's CORS protectionA workaround is to disable CORS protection on the device, but a better solution would be to add
RefererorOriginheader to avoid compromising security even more.This protection was introduced in the following firmware versions:
The text was updated successfully, but these errors were encountered: