It's ok, I've got a video coming out later where I claim that URLs are impossible for humans to understand, and that browsers should change how their URL bars work.
I'm sure Twitter will be a much nicer place then.
Hi Jake, have you tried using a proxy? I think it’s the answer to all your problems and it’s clear you haven’t thought of it. I can explain how it works if you want! I know you must not know because you obviously haven’t exhausted that idea yet :)
The idea was to build a tool that would help folks sync items in a Google Photos album to a local directory. I use a node script for this, but wicg.github.io/native-file-sy… would bring it to the web.
Unfortunately, although the Google Photos API supports CORS, the image URLs don't.
A proxy would be transferring 100s of megabytes, if not gigabytes, which would be a maintenance and cost burden. Also it defeats the point of a project that was about powerful features on the frontend.
Don't you work for Google? Surely you can just Slack the relevant engineer and just get them to add a fucking CORS header???? Or add a new endpoint?!?!?!?!
That project sounds seriously cool.
Maybe I should actually make a real list of these... Floating in the top 10 would be “I can always assume the user is using a modern browser, and can use new/novel APIs and JS features in the browser often without polyfills or fallbacks.“
I've had the same problem with github, they don't have CORS headers on their git over https endpoint, which both bitbucket and gitlab does. So just for github I was forced to have a serverside proxy. Just for them. 😕
I personally became a hater of CORS lately!
Any bad intentioned one could proxy requests with two lines of code in node.
Only good people have to waiste their times dealing with it :/
I know there are other (also skipable) reasons, but are they worth it nowadays?! :(
WAF is a layer (works like a proxy) focused in security. WAF mitigate DDoS, Script Injections and put a lot of headers and security enhancements in your requests. CloudFare offer WAF as a service, you can see more in cloudflare.com/learning/ddos/…
You tell proxy isn't an option because the resource sizes. Using WAF, you could proxy big resources, increasing security and including CORS, CSP and any security headers you want. Maybe I'm not understanding your problem clearly.
IK you said no proxying, but have you considered Cloudflare Workers? Large free tier (10m req) then 0.50$ per million req. They have no price on bandwidth so large files are not an issue. CORS example: developers.cloudflare.com/workers/templa…
Bonus: Workers have a similar API to serviceworkers.
Ok I understand. You said as a response to another question that your problem was one of cost and not of technical feasibility so I thought I'll mention an option where the price is minimal for your use case. I agree tho that having CORS in the first place is better than proxying
hey Jake! I don't know if you've thought about this, or maybe even know if the technology exists! what you do is set up a server, hit the API from there, then send it to your webapp from your server so cors isn't an issue! it's called "proxying". 😁