Is it safe to allow locahost as trusted origin
In basic usage localhost is on of the example values.
I'm wondering is it safe to set that in production environments?
Security | Better Auth
Better Auth security features.
3 Replies
No, although it is an example I can understand your perspective that it can cause confusion or miss-lead people. I'll update it.
So we should only include localhost in the arr if env is in development
Yeah