Security & CORS
Because Voxide runs entirely on the client-side, security must be built directly into the WebSocket handshakes and origin verification.
#Domain Whitelisting
Your Publishable Key is safe to expose in your frontend code. The Voxide backend will reject any WebSocket connection that originates from an unauthorized domain.
Development Mode
If you leave your Domain Whitelist empty in the Voxide Dashboard, the key operates in Development Mode and will accept connections from any origin. Always populate your whitelist before going to production.