I don’t think there is any technical reason why the communication with the manifold APIs couldn’t just happen on the frontend, so it might be worth looking into?
I tried to do this initially but it was blocked by Manifold’s CORS policy. I was trying to keep everything in the frontend but this and the call to fetch the authenticated user both require going via a server unfortunately.
Also something else to note in terms of privacy: I log the username and the amount when someone places a bet.
It doesn’t need the API key at all to calculate the recommended amount, so for people concerned about this you can just paste the amount into Manifold
Good point, this is worth considering :)
I tried to do this initially but it was blocked by Manifold’s CORS policy. I was trying to keep everything in the frontend but this and the call to fetch the authenticated user both require going via a server unfortunately.
Also something else to note in terms of privacy: I log the username and the amount when someone places a bet.
It doesn’t need the API key at all to calculate the recommended amount, so for people concerned about this you can just paste the amount into Manifold
Ah, yes, the CORS policy would be an obstacle. It might be possible to contact them and ask to be added to the list.