rviscomi
commented
9 months ago +1 to leaving the APIs open for now. If needed we could set up domain-restricted API keys.
Closed tunetheweb closed 8 months ago
rviscomi
commented
9 months ago +1 to leaving the APIs open for now. If needed we could set up domain-restricted API keys.
I'm sure there's a better way to do this, but here's what I did to unblock Sarah.
@rviscomi not sure if we want to restrict these calls to certain domains? CORS is more a browser protection than a real security protection if we're concerned about rate limit these and the data is read-only from the API calls to happy to have them open from a CORS perspective.
@maceto, feel free to re-code this in a better way!