Closed EnumC closed 7 years ago
Hi, This is intended. We strongly discourage users from implementing API queries on client side because
From a security's perspective, you should not trust input from a client. You cannot be sure that the client is running legitimate API queries to our API and returning the result that's unmodified.
We impose limitations on our free API. If it's implemented client side then one cannot control the exact amount of queries sent to our API. If you go on a custom plan which gives you a unique custom subdomain, then all the clients would know this information and abuse your custom subdomain.
I thought I could just stick it in my angular project, but I guess that wouldn't work. Thanks for the explanation.
Hi! I am implementing the service on a webapp, but my requests aren't getting through due to the lack of 'Access-Control-Allow-Origin' header on the api. Is this intended or simply skipped? Thanks!
XMLHttpRequest cannot load https://check.getipintel.net/check.php?ip=this_is_an_ip&contact=this_is_an_email_address&format=json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.