d0zingcat/cors-anywhere
1
0
Fork 0
mirror of https://github.com/d0zingcat/cors-anywhere.git synced 2026-05-22 15:09:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update header-modifying method - v0.1.4

Browse Source 
node-http-proxy sets headers before using writeHead.
This commit is contained in:
Rob Wu
2013-07-23 21:59:43 +02:00
parent b35a6f5ffb
commit 6d9b268ecc
2 changed files with 24 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
lib/cors-anywhere.js
View File

@@ -77,29 +77,30 @@ function proxyRequest(req, res, proxy, full_url, proxyOptions) {
headers = reasonPhrase;
reasonPhrase = undefined;
}
if (!headers) headers = withCORS({}, req);
else {
withCORS(headers, req);
// Handle redirects
if (statusCode === 301 || statusCode === 302 || statusCode === 303 || statusCode === 307 || statusCode === 308) {
if (headers['location']) {
headers['location'] = url.resolve(full_url, headers['location']);
}
// Put redirect URL in status text so that user agents that do not recognize the Access-Control-Expose-Headers
// response header can still read the target URL.
reasonPhrase = statusCode + ' ' + (headers['location'] || '');
// Don't use 301 or 302 because browsers may cancel the request (observed in Chrome with a custom request header)
statusCode = 333;
headers = withCORS(headers || {}, req);
withCORS(headers, req);
// Handle redirects
if (statusCode === 301 || statusCode === 302 || statusCode === 303 || statusCode === 307 || statusCode === 308) {
var locationHeader = headers['location'] || res.getHeader('location');
if (locationHeader) {
headers['location'] = url.resolve(full_url, locationHeader);
}
// Don't slip through cookies
delete headers['set-cookie'];
delete headers['set-cookie2'];
// Informational purposes
headers['x-request-url'] = full_url;
// Put redirect URL in status text so that user agents that do not recognize the Access-Control-Expose-Headers
// response header can still read the target URL.
reasonPhrase = statusCode + ' ' + (headers['location'] || '');
// Don't use 301 or 302 because browsers may cancel the request (observed in Chrome with a custom request header)
statusCode = 333;
}
// Don't slip through cookies
delete headers['set-cookie'];
delete headers['set-cookie2'];
res.removeHeader('set-cookie');
res.removeHeader('set-cookie2');
headers['x-request-url'] = full_url;
if (reasonPhrase) {
return res_writeHead.call(res, statusCode, reasonPhrase, headers);
} else {

4
package.json
View File

@@ -1,9 +1,9 @@
{
"name": "cors-anywhere",
"version": "0.1.3",
"version": "0.1.4",
"description": "CORS Anywhere is a reverse proxy which adds CORS headers to the proxied request. Request URL is taken from the path",
"license": "MIT",
"author": "Rob W <gwnRob@gmail.com>",
"author": "Rob Wu <gwnRob@gmail.com>",
"repository": {
"type": "git",
"url": "https://github.com/Rob--W/cors-anywhere.git"