I understand that codeforces need to enable cloudflare to avoid massive pressure to the server during official contests,that's ok.Maybe not so pleasing but at least it is still reasonable in most cases.
What I don't understand is why ADD the CLOUDFLARE TO THE API requests which should be accessed by bot originally,leaving plugins like(specifically) CARROT totally unusable during contests!It's annoying not being able to view my expected performance,isn't it?
If CF let you access the API directly, then attackers would know the source IP of CF and therefore be able to perform an attack. There indeed are some other solutions, but they require time and efforts.
Please explain how API works, it seems confusing to me.