I'm sure there's a better way to do this, but here's what I did to unblock Sarah.
@rviscomi not sure if we want to restrict these calls to certain domains? CORS is more a browser protection than a real security protection if we're concerned about rate limit these and the data is read-only from the API calls to happy to have them open from a CORS perspective.
@maceto, feel free to re-code this in a better way!
I'm sure there's a better way to do this, but here's what I did to unblock Sarah.
@rviscomi not sure if we want to restrict these calls to certain domains? CORS is more a browser protection than a real security protection if we're concerned about rate limit these and the data is read-only from the API calls to happy to have them open from a CORS perspective.
@maceto, feel free to re-code this in a better way!