d0zingcat/cors-anywhere
1
0
Fork 0
mirror of https://github.com/d0zingcat/cors-anywhere.git synced 2026-05-13 15:09:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Redirect URL in statusText

Browse Source 
Android's stock browser (and Webview) does not recognize the
Access-Control-Expose-headers response header.
Use the status text field to pass through this information.

Updated demo and documentation.
This commit is contained in:
Rob Wu
2013-07-23 21:44:41 +02:00
parent ba185f5ec8
commit b35a6f5ffb
4 changed files with 26 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@@ -41,12 +41,18 @@ Request examples:
Live examples:
* http://cors-anywhere.herokuapp.com/
* http://rob.lekensteyn.nl/cors-anywhere.html - This demo shows how to use the API.
* https://cors-anywhere.herokuapp.com/
* https://robwu.nl/cors-anywhere.html - This demo shows how to use the API.
Includes a redirect handler (including loop detection) and shows that the POST also works.
## Documentation
### Client
Learn how to use the API in a web app by viewing the source code of [demo.html](demo.html) and reading [lib/help.txt](lib/help.txt).
### Server
The module exports two properties: `getHandler` and `createServer`.
* `getHandler(options)` returns a handler which implements the routing logic.
@@ -71,7 +77,7 @@ The following options are recognized by both methods:
## License
Copyright (C) 2013 Rob W <gwnRob@gmail.com>
Copyright (C) 2013 Rob Wu <gwnRob@gmail.com>
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in

12
demo.html
View File

@@ -48,7 +48,7 @@ textarea {
<div id="top">
CORS Anywhere demo &bull; <a href="https://github.com/Rob--W/cors-anywhere/">Github</a> &bull; <a href="http://cors-anywhere.herokuapp.com">Live server</a>.
<label>
Url to be fetched (example: <a href="//rob.lekensteyn.nl/dump.php">rob.lekensteyn.nl/dump.php</a>)
Url to be fetched (example: <a href="//robwu.nl/dump.php">robwu.nl/dump.php</a>)
<input type="url" id="url" value="">
</label>
<label>
@@ -64,7 +64,8 @@ textarea {
</div>
<script>
var cors_api_url = 'http://cors-anywhere.herokuapp.com/'; // https is also supported
var protocol = location.protocol === 'http:' ? 'http:' : 'https:';
var cors_api_url = protocol + '//cors-anywhere.herokuapp.com/';
function doCORSRequest(options, redirectCount) {
var x = new XMLHttpRequest();
x.open(options.method, cors_api_url + options.url);
@@ -73,9 +74,10 @@ textarea {
x.onload = function() {
if (x.status === 333) {
redirectCount = +redirectCount ? +redirectCount + 1 : 1;
var url = x.getResponseHeader('Location');
if (url && redirectCount <= 5) {
var originalStatus = +/\d+/.exec(x.statusText);
var redirectInfo = /^(\d+) (.*)$/.exec(x.statusText);
if (redirectInfo && redirectCount <= 5) {
var originalStatus = +redirectInfo[1];
var url = redirectInfo[2];
if (originalStatus === 307 || originalStatus === 308) {
// Correctly deal with method-preserving redirects
options.url = url;

7
lib/cors-anywhere.js
View File

@@ -1,6 +1,9 @@
// © 2013 Rob W <gwnRob@gmail.com>
// Released under the MIT license
'use strict';
/* jshint node:true, eqnull:true, sub:true */
var httpProxy = require('http-proxy');
var net = require('net');
var url = require('url');
@@ -83,8 +86,10 @@ function proxyRequest(req, res, proxy, full_url, proxyOptions) {
if (headers['location']) {
headers['location'] = url.resolve(full_url, headers['location']);
}
// Put redirect URL in status text so that user agents that do not recognize the Access-Control-Expose-Headers
// response header can still read the target URL.
reasonPhrase = statusCode + ' ' + (headers['location'] || '');
// Don't use 301 or 302 because browsers may cancel the request (observed in Chrome with a custom request header)
reasonPhrase = 'Redirect ' + statusCode;
statusCode = 333;
}

5
lib/help.txt
View File

@@ -13,6 +13,9 @@ Cookies are disabled and stripped from requests.
Redirects are not automatically followed: The API response has status code 333.
The client ought to confirm this redirection by creating a new request (the url
is available in the Location response header).
For user agents who do not support the Access-Control-Expose-Headers response header,
the information is available in the status text as "<HTTP STATUS CODE> <LOCATION HEADER>".
The requested URL is available in the X-Request-URL response header. Non-existence of this
header implies that the requested URL was not recognized.
@@ -20,5 +23,5 @@ header implies that the requested URL was not recognized.
This API has one requirement: The X-Requested-With header must be set.
Demo : http://rob.lekensteyn.nl/cors-anywhere.html
Demo : https://robwu.nl/cors-anywhere.html
Source code : https://github.com/Rob--W/cors-anywhere/