this post was submitted on 23 Jun 2023
25 points (96.3% liked)
Lemmy
12568 readers
13 users here now
Everything about Lemmy; bugs, gripes, praises, and advocacy.
For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The main issue you're gonna encouter is CORS. There is no real upstream decision on loosening the existing CORS permissions. The alternative is to proxy every request from everyone which will not only get you rate limited but also you will have to deal with storing people's authentication tokens which requires not only complete trust in every step of the way but also not accidentally messing things up and exposing them somewhere.
Hmm... that's interesting, I didn't think about that. Definitely not gonna proxy, that's for sure, I wanted it to be serverless.
Welp, I don't know how it could be done then. I would ping Dessalines or Nutomic, but I haven't really decided to start working on this, so I won't bother them. But if anyone feels like going for it, I'll be happy to lend a hand.
Edit: I just saw there's an open PR to allow CORS. I guess we'll see how it goes.