This Product Ideas board is currently undergoing updates, but please continue to submit your ideas.
Many use cases for Airtable’s Scripting Block (and also for Custom Blocks) involve making requests to services running on another domain. Since scripts execute in the context of a web browser, such requests are restricted according to the Cross-Origin Resource Sharing (CORS) protocol. Users’ requests are frequently blocked for this reason.
At the moment, the Scripting Block does not offer a solution for this problem nor does its documentation recognize the need. Some Airtable users have found a publicly-available service to meet their immediate needs, e.g.
This is undesirable for a number of reasons:
If Airtable provided a CORS proxy, it would fill what some might argue is a hole in the capabilities of the Scripting Block. It could confidently educate users on how/why to use the service, guiding them away from unsafe practices and toward more resilient solutions.
We just soft launched with support for proxy servers that can get around CORS
Wow! I just watched the intro video on your website. This looks like an awesome (and much needed) product that solves a lot of security issues with Airtable! :slightly_smiling_face: Thank you for creating this!! :slightly_smiling_face:
This thread is about a way for Airtable to add more value for its users. If they agree that this functionality is essential, then they may not want to endorse any third party solution.
And moreover, it affects both Script-Block and Custom-Block so it’s not a weakness of Script-Block alone as it happens sometimes!
But that does not prevent me from respecting your proposal and the extensive work you share with the Community.
You are one of the People who helped me not only to learn how to put functional code on a Script-Block but to be challenging in the way to design and improve it.
@Michelle_Valentine @Kasra @Emma_Yeap @Billy_Littlefield
Now I hope that Airtable’s DEV’s will take this request in their priorities not to make us wait 2 years to offer us an internal solution at Airtable!
Funny that you posted this today and cors-anywhere put out an update today that prevents you from making more than 200 calls every 60 minutes (breaking one of my workstreams).
Glad to see some people are making some cool 3P stuff @openside!
For those looking for a solution to this issue, one that I’ve used is to create a Lambda on AWS with Api Gateway and configure the Lambda to return the proper headers to deal with CORS. Check out the documentation.
Any updates on this? How's everyone handling cross-origin requests in their Airtable scripts? Just writing serverless functions elsewhere and calling those?