Why Doesn't Proxycurl API Support CORS?

We often receive inquiries about enabling CORS headers to allow any origin to access the Proxycurl API. However, our policy is to deliberately block requests to the Proxycurl API that are made from a browser client.

The reason for this is that it would require exposing the Proxycurl API key on client-side, making it visible to all users. This would pose a significant security risk.

Instead, we recommend setting up a middleware. All client-side requests can then be routed through this middleware. This approach ensures that no API keys are exposed on the client-side, effectively preventing any potential leaks.