(no title)

1. The resource owner doesn’t want you fetching their resource.

2. They don’t want to suddenly be flooded with requests.

Each of these points has counterarguments. For example, the Same Origin Policy (SOP) only restricts fetches from the client side, and nothing stops people from fetching via a backend.

The second argument makes sense, the resource owner doesn’t want their resource to be freely fetched and to suddenly receive thousands of requests that their server likely can’t handle. SOP helps prevent this, but if you’re fetching from the backend, you should implement caching to avoid repeatedly hitting the target resource.

I created a CORS proxy [0] to handle this scenario, including caching responses.

There are also several free CORS proxies [1] available, they might be considered sketchy, but they’re probably fine for testing.

[0] https://corsfix.com

[1] https://gist.github.com/reynaldichernando/eab9c4e31e30677f17...