alt Hacker News> The only thing blocked would be client side fetch.
Exactly what I need. My API is public I just don’t want someone other than my own website to consume it. Is it that hard to understand?
> The only thing blocked would be client side fetch.
Exactly what I need. My API is public I just don’t want someone other than my own website to consume it. Is it that hard to understand?
That’s… not what cors does? CORS will only block browser-mediated “non-simple” requests, they don’t prevent other systems from accessing it as long as they don’t use a browser (or disable CORS in a headless browser).