In the frontend world where you have client-side API keys talking directly to 3rd party services from the client. Think things like Google Maps and similar.

▲

londons_explore 8 hours ago | parent [-]

Which is a stupid idea for something where there is billing involved... Anyone on the internet can take that key and scrape the Google maps API (faking the referer header) and cost you $$$$$.

Google should have simply done with by origin URL if they wanted stuff to be open like that.

	▲	someothherguyy 8 hours ago \| parent [-]
		Once upon a time Google maps loads were nearly free, and there was no way to restrict that key.