CORS

Cross-Origin Resource Sharing (CORS) is a mechanism that allows or denies cross-origin requests in the browser. It prevents websites that you've not explicitly allowed from using your API. Note that it doesn't protect non-browser clients like server side code or a mobile app from using your typegraphs, only browsers implements the CORS mechanism. More details can be found here.

Typescript SDK
Python SDK

If your browser support well CORS, you should the following error if you try to run the interactive demo.

{
  "errors": [
    {
      "message": "NetworkError when attempting to fetch resource.",
      "stack": ""
    }
  ]
}

Look in the network tab of your browser inspect tools to see the error proper.

By the way, there is a hidden cors header in all interactive demos you have met so far:

# ..
Cors(allow_origin=["https://metatype.dev", "http://localhost:3000"])
# ..