Why Does Galxe Need Cross-Domain Checks?
1. Ensure Target API Authorization
When Galxe calls third-party APIs from the backend, it is necessary to confirm whether these APIs have open access permissions. The CORS configuration authorizes access by returning theAccess-Control-Allow-Origin
header:
Designated Source: Such as https://dashboard.galxe.com
.
Wildcard (*
): Allows all sources, including Galxe.
2. Prevent Unauthorized Calls
CORS checks can prevent: Data Breach: Prevent unauthorized sources from accessing the API. Abuse of Functionality: Restrict the scope of API calls.The Working Mechanism of CORS
1. Access-Control-Allow-Origin
The target API can be authorized in two ways: Designated Source: More stringent configuration, allowing requests only from Galxe.- Wildcard (*): Allows cross-origin requests from all sources and meets authorization requirements.