Skip to main content

I would like to show to my users that they are using the Strava API with limit (100 request per 15 minutes, etc.)

The Strava API has HTTP response header for that : 

X-Ratelimit-Usage and X-Ratelimit-Limit
 
I would like to use them in the HTTP javascript fetch API. But I need the CORS Setting for that: Access-Control-Expose-Headers
 
Thanks if you can add it. 😊

I have the same issue/ request. How are we supposed to handle rate limiting as suggested in the CORS setting doesn't allow us the view the header that tells the usage?


okay, I figured this out. Has to be done on the server side. For security the browser respects cors, makes sense to not expose headers. On a server-side request, you can ignore the directive and get to the headers. I created a endpoint on my server to hit the strava api, then pointed my front end js to my own endpoint. same site doesn't have the cors issue but I just passed them along in the payload rather then adding them to my headers. hopefully that makes sense and helps someone.


Reply