我们不支持CORS。非常不安全 尝试从浏览器中的javascript直接调用API。这暴露了一个API令牌，使某人能够通过基本身份验证访问商店中的任何数据。这将包括PII。

We do not support CORS. It is very insecure to try to call the API from javascript on in the browser directly. This exposes an API token which enables someone to have access to any data in the store available through basic authentication. This would include PII.

如果您真的需要从API调用信息，请使用一个安全的网络服务，返回非常具体的值到您的脚本，而不是直接调用。

If you really need to call info from the API, please use a secure web service that returns very specific values to your script as opposed to calling it directly.