> You can signup, and start making CORS calls from your neocities pages to a sqlite database on my service.
If I'm understanding what you're trying to do, this isn't on our end. Neocities currently doesn't prevent sites from making API calls to other servers - that's on your HTTP server's side, you control that.
Occasionally I get requests to allow HTML hosted on Neocities to make API calls directly to Neocities itself - which would be OK for things like basic stats lookup, but for things like file uploading/deleting/editing this is dangerous, because it would allow attackers to write scripts to hack people's accounts that can be executed by their own browsers. This is called a CSRF attack, and that's why we prevent people from doing that.
If I'm understanding what you're trying to do, this isn't on our end. Neocities currently doesn't prevent sites from making API calls to other servers - that's on your HTTP server's side, you control that.
Occasionally I get requests to allow HTML hosted on Neocities to make API calls directly to Neocities itself - which would be OK for things like basic stats lookup, but for things like file uploading/deleting/editing this is dangerous, because it would allow attackers to write scripts to hack people's accounts that can be executed by their own browsers. This is called a CSRF attack, and that's why we prevent people from doing that.