REST API CORS header to allow access to rate limits

According to the API doc Binance API Documentation

REST API requests contain the X-MBX-USED-WEIGHT-(intervalNum)(intervalLetter) (currently X-MBX-USED-WEIGHT-1m) header with the current used weight for the requesting IP. However this header is not accessible from JavaScript Fetch API Response due to CORS restrictions.

Could Binance please lift this restriction by modifying the Access-Control-Expose-Headers header to include X-MBX-USED-WEIGHT-1m?

For more detail please see Cross-Origin Resource Sharing (CORS) - HTTP | MDN

Thanks very much!

The response header is available when sending cors requests.

If you are using Google Chrome, check the network tab to diagnose the response headers.

The header is available from the inspector, but it’s inaccessible from JavaScript requesting it due to CORS restrictions. Binance API server needs to add the following header to its responses to allow client JavaScript to actually read the limit value

Access-Control-Expose-Headers: X-MBX-USED-WEIGHT-1m

You are correct. However, we don’t suggest CORS requests due to the inefficient load on the servers, and rate limit headers will not be exposed.

I find the reasoning strange. How else could one build a custom dashboard and being gentle on the server without knowing the current rate limit?

The Binance Exchange APIs are intended communicate with other servers, not user front-ends. Cross domain requests are allowed for the small use-cases which barely consume bandwidth. If your use-case is hitting rate limits, it’s suggested to consider back-end alternatives.