I’m not too studied-up on CORS, but I know what it’s there for. Currently there’s a number of things that are not possible to do because our generator is on a different subdomain than other generators or iframes, etc. etc. and even the top-level page we’re actually on.
With that allowed (I think CORS can allow this), there’s a lot more customisation we can do of things like t2i image iframes and gallery iframes, reading/changing the top-level url, etc. Maybe that’s something you don’t want to allow, but I for one have wanted to do these things for completely benign legit reasons multiple times.
Bug: if a #hash is set in the address, Auto will scroll to that instead of leaving the scroll where it is. Perhaps you’re re-handling the hash after auto-partial-load, but I think could be skipped. I think refreshing on a regular web page won’t re-scroll to the hash target.
Thanks! Fixed.
👍