mrboutte
07/31/2021, 11:02 PMmrboutte
07/31/2021, 11:09 PMmrboutte
07/31/2021, 11:09 PMFlyken
07/31/2021, 11:09 PMScott P
07/31/2021, 11:12 PMauth.uid()
in place, they won't be able to access the tables unless they've got an authed user.
You've got a few options:
- Accept it
- Route requests through an API, which introduces more complexity as you have to proxy requests back to the front-end (including headers)
If you were self-hosting, you could definitely setup CORS policies - I've not personally dug into that, but I know there's some in place in the self-hosted version, though I think it's just *
/ all originsmrboutte
07/31/2021, 11:13 PMScott P
07/31/2021, 11:19 PMmrboutte
07/31/2021, 11:22 PMSite URL
declared in settings would be permitted?Scott P
07/31/2021, 11:23 PMScott P
07/31/2021, 11:28 PMAllowedOrigins
parameter (as per https://github.com/rs/cors#parameters), so it looks like all origins are allowed :\mrboutte
07/31/2021, 11:29 PMmrboutte
07/31/2021, 11:29 PMmrboutte
07/31/2021, 11:29 PMScott P
07/31/2021, 11:35 PMXyo
08/01/2021, 3:00 AMXyo
08/01/2021, 3:01 AMXyo
08/01/2021, 3:01 AMXyo
08/01/2021, 3:02 AMXyo
08/01/2021, 3:02 AMXyo
08/01/2021, 3:02 AMXyo
08/01/2021, 3:03 AMXyo
08/01/2021, 3:03 AMXyo
08/01/2021, 3:04 AMXyo
08/01/2021, 3:04 AMScott P
08/01/2021, 3:17 PMXyo
08/01/2021, 3:22 PMXyo
08/01/2021, 3:23 PMXyo
08/01/2021, 3:23 PMXyo
08/01/2021, 3:24 PMXyo
08/01/2021, 3:25 PM