@jeffalo pls allow any origin to use the api (cors)
if you’re logged in a malicious site could post as you for example
You still send auth with requests lil
@jeffalo pls help me to explain
Are you able to get cookies from the request?