Everyone's had CORS issues and the solution you've come up with works well for development and learning purposes. Part of the issue lies in the fact that you're making the API call from the browser which has more stringent checks on the kinds of requests it will allow. A server to server call doesn't have to deal with CORS which is how the proxy works. You make the request to that server which then makes the request to the API, the API sends back the data to the proxy which sends it to you with a new header on the response which the browser is happy with:
Chrome: make request to Heroku ↔ Heroku-proxy: Send and get response from API, attach Access-Control-Allow-Origin header, send everything back to browser ↔ API: send data to proxy
When you can create your own servers you won't run into this issue as much but it's good to understand why it happens.
The top answer on this question has a good explanation. Ultimately there's not much more you can do than what've you tried already, but hopefully you have a better understanding of why it happens!
Relates #17
Everyone's had CORS issues and the solution you've come up with works well for development and learning purposes. Part of the issue lies in the fact that you're making the API call from the browser which has more stringent checks on the kinds of requests it will allow. A server to server call doesn't have to deal with CORS which is how the proxy works. You make the request to that server which then makes the request to the API, the API sends back the data to the proxy which sends it to you with a new header on the response which the browser is happy with:
Chrome: make request to Heroku ↔ Heroku-proxy: Send and get response from API, attach Access-Control-Allow-Origin header, send everything back to browser ↔ API: send data to proxy
When you can create your own servers you won't run into this issue as much but it's good to understand why it happens.
The top answer on this question has a good explanation. Ultimately there's not much more you can do than what've you tried already, but hopefully you have a better understanding of why it happens!