tomayac opened this issue 2 years ago · 0 comments
To make key abuse harder, API keys should be tied to an origin, so if one signs up for https://example.com, the provided key would not work for https://other-example.com.
https://example.com
https://other-example.com