Speaking of WASM. Is there a way to run code in the browser that calls endpoints secured with CORS? I tried looking it up recently but no luck. I feel its a pretty big limiter when trying to call out to third parties directly and letting people bring their own API key.
I've been thinking about making a web GUI over gmailctl for easy editing but want to make it very easy to use without hosting and without people sending me their keys.
If I understand correctly, you're talking about making HTTP requests from code running in the browser to a third-party API.
Whether you're doing WASM or Javascript, you use fetch() and need to have your CORS ducks in a row. How exactly you call fetch() depends on your toolchain, but anything trying to be general-purpose will expose it somehow.
Thanks for clarifying. I hope that one day there is a way to securely make those kinds of requests in the client side. Until then I'll be using a proxy to strip the cors headers.
I've been thinking about making a web GUI over gmailctl for easy editing but want to make it very easy to use without hosting and without people sending me their keys.