This is the way to go, you wouldn't want to use a CORS proxy for something authenticated/with credentials (e.g. API key). But for public unauthenticated request, they work just fine.