That's besides the point, if you are making it possible for a third party to use your server to fetch resources you should probably make sure the service can not be used as a simple attack vector.

jacquesm,

I considered that so I have restrictions for now (e.g. no hourly jobs, limit of up to 30 occurences for daily jobs, etc.).

I'll figure out a way to verify that you own the domain of the Url you're trying to access. The simple way is by email address from the same domain.

Cool. Nice to see you thought about that ahead of time.