- Strapi Version: 3.6.8
- Operating System: Ubuntu 20.04 Focal Fossa
- Database: sqlLite
- Node Version: 14.16
- NPM Version: 8.x
Hello, I’ve got an API general question,
We got a front-end coded with NuxtJS linked to an API powered by Strapi.
We set some policies (isOwner for example) and some custom controllers / private attributes to restrict data access.
Currently, we can avoid CORS errors using nuxt/proxy, but this way, any users can access public data through my-front-end-domain.com/api/content-types
For example, if my front-end homepage displays blog-articles fetched publicly from Strapi, how can i restrict blog-articles fetching to my front-end site only?
Thanks in advance for help!