Allow cross origin resource sharing
Closed this issue · 2 comments
Hello drg-api people o/
I've recently been looking to build a little project based on the data you're providing with your api but couldn't access it without a CORS proxy. After some research and studying of your code, my idea is to allow all origins to perform a GET call to your api.
For context - My project is hosted on StackBlitz and cannot access your data as the host.
I've tried my best to give you an idea of how I'd implement such a change with my pull request. I would be very happy to see this change happening, as it would allow hobby creators like me to access your data comfortably without their own server. If this isn't the perfect solution I'd also be happy to assist in finding it.
Kind regards,
Syvex (Scout Main) :)
Thank you for your contribution! I just left one minor comment on your PR
im happy this got through! it gives me a much better feeling to not use a cors proxy :)
you're right that it generally isnt a great idea to just allow every origin, but since this api only allows GET calls anyway, the only abuse possible would be spamming it. i honestly dont really know how to prevent that on api level, but in my application i've simply disabled the button for 5 seconds after every click.
now malicious souls can still spam requests, but solutions for that should be common all over the web.