therealchjones
commented
5 months ago - Detect when api is not available b/c of cross-site scripting (and authentication) (really 3rd party cookie issue, not cors) and fall back to no api functions or static-only or something
- Make testing subdir or subdomain for live testing with same-site authentication
Perhaps like all relative links within app, security not included? Could work for serving from localhost up to but not including reaching other apps. Consider testing with sample APIs and data?