Restricted domains per API keys #699

New Issue

Closed

opened 2025-11-09 09:56:15 -06:00 by GiteaMirror · 1 comment

GiteaMirror commented 2025-11-09 09:56:15 -06:00

Owner

Copy Link

Originally created by @benbaja on GitHub (Jan 28, 2025).

describe the feature you'd like to see

Hey there,
I would love to have the possibility to restrict certain API keys to a domain or a list of domains, as it is possible with ip adresses at the moment, for example to manage different webapps using the same cobalt instance as the backend and avoid having the API key intercepted and used by other parties.
I'm not extremely familiar with CORS but I would be down to give it a shot and open a merge request if this feature is possible and/or interesting to other people.
Kudos for the hard work! 🥇

additional context

No response

Originally created by @benbaja on GitHub (Jan 28, 2025). ### describe the feature you'd like to see Hey there, I would love to have the possibility to restrict certain API keys to a domain or a list of domains, as it is possible with ip adresses at the moment, for example to manage different webapps using the same cobalt instance as the backend and avoid having the API key intercepted and used by other parties. I'm not extremely familiar with CORS but I would be down to give it a shot and open a merge request if this feature is possible and/or interesting to other people. Kudos for the hard work! 🥇 ### additional context _No response_

GiteaMirror added the feature request label 2025-11-09 09:56:15 -06:00

GiteaMirror closed this issue 2025-11-09 09:56:16 -06:00

GiteaMirror commented 2025-11-09 09:56:16 -06:00

Author

Owner

Copy Link

@dumbmoron commented on GitHub (Jan 29, 2025):

this is not possible because someone can just impersonate any headers that would imply it's coming from a particular domain

@dumbmoron commented on GitHub (Jan 29, 2025): this is not possible because someone can just impersonate any headers that would imply it's coming from a particular domain

GiteaMirror referenced this issue 2026-04-11 06:12:51 -05:00

[GH-ISSUE #699] Add NicoNico support links #1817

GiteaMirror referenced this issue 2026-04-13 11:49:07 -05:00

[GH-ISSUE #699] Add NicoNico support links #3301

GiteaMirror referenced this issue 2026-04-16 00:08:58 -05:00

[GH-ISSUE #699] Add NicoNico support links #4786

GiteaMirror referenced this issue 2026-04-19 08:19:36 -05:00

[GH-ISSUE #699] Add NicoNico support links #6271

GiteaMirror referenced this issue 2026-04-21 19:44:53 -05:00

[GH-ISSUE #699] Add NicoNico support links #7758

GiteaMirror referenced this issue 2026-04-24 15:23:06 -05:00

[GH-ISSUE #699] Add NicoNico support links #9246

GiteaMirror referenced this issue 2026-05-08 07:24:54 -05:00

[GH-ISSUE #699] Add NicoNico support links #11708

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

develop

temp-forced-yt-player

nicovideo

api-client

No results found.

Labels

Clear labels

3rd party app support

bug

can reproduce

can't reproduce

documentation

duplicate

feature request

help wanted

instance hosting help

invalid

main instance issue

need more info

needs fixing

next major

not an issue

pull-request

Mirrored from GitHub Pull Request

question

region lock issue

security

service request

skill issue

web ui

No Label feature request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/cobalt#699