CORS
LLMFoundry sets CORS headers to allow cross-origin requests. So, you can use any of these APIs via JavaScript from any origin, e.g:
const response = await fetch("https://llmfoundry.straive.com/openai/v1/chat/completions", {
method: "POST",
headers: { "Content-Type": "application/json" },
// Send USER's API token automatically
credentials: "include",
body: JSON.stringify({
model: "gpt-4o-mini",
messages: [{ role: "user", content: "What is 2 + 2" }],
}),
});
console.log(Object.fromEntries(response.headers));
console.log(await response.json());
This logs the response headers and the response body.
You can access these headers in JavaScript:
X-Time: The unique LLMFoundry request timestamp, e.g.,1730597468337841. You can see the request athttps://llmfoundry.straive.com/history#?t=${xTime}. You can acccess the JSON requests at:- Request to LLM:
https://llmfoundry.straive.com/logs/173059/7468337841-api.json - Response from LLM:
https://llmfoundry.straive.com/logs/173059/7468337841-response.json
- Request to LLM:
X-Cache: "HIT" indicates that the response was served from the cacheX-Ratelimit-*: Ratelimit details from OpenAI, etc.X-Request-Id: OpenAI request ID, e.g.,7468337841Anthropic-Ratelimit-*: Ratelimit details from AnthropicRetry-After: When to retry after a 429 error
Third-party cookies
This method of accessing LLM Foundry using credentials: include is labelled "third-party cookies."
Ad trackers use the same method to track users.
Most browsers are disabling option. For example, Brave already disallows third-party cookies by default. Edge, Chrome, and others will soon follow suite.
To use this feature, tell your users to explicitly enable third-party cookies in their browser -- at least for your app.