Closed frank-dspeed closed 5 years ago
The Cloudflare API doesn't return CORS headers allowing access from a browser.
Just to add some additional info, I imagine running this API code in a browser would pose critical security risks. End users like to re-use existing API tokens/keys across multiple projects without correctly defining permissions. An attack vector would appear here if someone looked in the webpage script source and found that API key, then used it for personal gain. The same is true if someone could get ahold of your Node project code.. but this code was built for projects that are likely running on Docker in enterprise server settings.
Why can't this run in a browser?