d0zingcat/cors-anywhere
1
0
Fork 0
mirror of https://github.com/d0zingcat/cors-anywhere.git synced 2026-05-13 23:16:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
137 Commits 1 Branch 0 Tags
3c87a51664bc625535afcecc4e618009ff41d2ce
Commit Graph

38 Commits

Author SHA1 Message Date
Rob Wu
3c87a51664 Support NODE_TLS_REJECT_UNAUTHORIZED=0 to ignore client errors #341 
Apparently `NODE_TLS_REJECT_UNAUTHORIZED` is only effective if
`rejectUnauthorized` was not overridden by the code:
85e6089c4d/lib/_tls_wrap.js (L1583-L1591)

But the underlying library does override it:
https://github.com/http-party/node-http-proxy/blob/v1.11.1/lib/http-proxy/common.js#L53-L55

Fix this by overriding the option via the library's "secure" option.
 2021-03-21 23:38:32 +01:00
Rob Wu
9f1af82434 Add handleInitialRequest option to support #301 
The custom filtering logic is not part of the public repository, to
keep the project clean.
 2021-02-01 22:20:35 +01:00
bulk88
b3a13b026c only send Access-Control-Max-Age if preflight request, not POST/GET 
-Access-Control-Max-Age header only has meaning for preflights, not
 POST or GET, saves wire bytes by excluding it from POST/GET/etc,
 and future problems if ACMA on a content HTTP method is given
 meaning by W3C or a browser vendor

-fix expectNoHeader() test helper func ,this was a no-op before by
 accident and would NEVER fail,
 supertest/test.js:Test.prototype._assertFunction requires an retval of
 class type Error if test fail, not a string or a number or Object
 2020-09-27 15:21:40 -04:00
Rob Wu
a9e06a9dab Reject invalid redirects 
Fixes #234.
 2020-05-06 23:25:17 +02:00
Rob Wu
001fbef926 Update test expectation for Node 12.x 2020-05-02 19:19:35 +02:00
Rob Wu
4ddb796e28 Explicit early out for invalid URLs 2020-05-02 17:55:57 +02:00
Rob Wu
7222fce684 Extend supported Node.js from <=9 to <=14 2020-05-02 16:45:42 +02:00
Rob Wu
4814647a9d Reject invalid requests instead of crashing (#142) 2018-10-31 23:58:21 +01:00
Rob Wu
7b6ce1a3df Fix failing tests for 0.10.x, 4.x and 5.x 
Travis build failed on "Uncaught TypeError: Object.keys called on non-object".
That's a real error (res._headers was initially null until a header is set).
 2017-11-11 02:08:44 +01:00
Rob Wu
d2b5dd38bb Add Node 9.x to Travis 
Locally tested that the tests pass with Node 9.0.0 and 9.1.0
Also modified a test expectation for Node 9.0.0+
 2017-11-11 01:32:39 +01:00
Rob Wu
4a46541da4 Catch error due to invalid status code (#95) 2017-11-08 22:23:58 +01:00
Jack Tench
49d429dd60 Do not send Access-Control-Max-Age header if corsMaxAge is 0 (default) 2017-07-14 13:22:53 +01:00
Jack Tench
10df7c9f4a Rename maxAge to corsMaxAge and set the default corsMaxAge to 0. 
Set corsAnywhereRequestState before calling withCORS and use the state instead of a parameter to get corsMaxAge.
 2017-07-14 12:29:15 +01:00
Jack Tench
881392cfaf Add maxAge config option. If set, an Access-Control-Max-Age header with this value (in seconds) will be added. 2017-07-13 19:13:37 +01:00
Rob Wu
ded44cb5d0 Upgrade supertest + nock to recent version 
The most recent version that was explicitly marked as compatible with
Node.js 0.10.x
 2017-07-13 17:32:45 +02:00
Rob Wu
6c4234f2b3 Add rate-limiting functionality #45 
- Add checkRateLimit option to the API.
- Extend the default server.js with environment variables
  CORSANYWHERE_WHITELIST (re-using originWhitelist) and
  CORSANYWHERE_RATELIMIT (using the new checkRateLimit option)
  to make it easy to enforce usage limits.
- Document that Heroku doesn't want open proxies.
 2016-05-31 00:52:26 +02:00
Rob Wu
e6695b8102 Add redirectSameOrigin 
Some clients try to use CORS Anywhere, even for same-origin requests...
Add a new setting "redirectSameOrigin" to not waste server resources on
proxying such requests.

Fixes #42
 2016-03-19 18:35:17 +01:00
Rob Wu
66fdd6e662 100% test coverage :) 2016-02-26 18:23:29 +01:00
rodrigopavezi
9f389e6f41 Added option for a custom help file 2016-02-26 14:16:20 -03:00
Rob Wu
f081fe2ccf Fix tests: Explicitly start and close servers 
Otherwise these tests fail on Node 0.10.x
 2016-02-26 16:58:07 +01:00
Rob Wu
1308e34247 More test coverage for redirects 2016-02-26 16:10:53 +01:00
Rob Wu
35932a0ac1 Add tests for misbehaving servers + fix bug 2016-02-26 15:51:17 +01:00
Rob Wu
16b1a7e3a0 requireHeader: Improve coverage and fix bug 
When the single-string version of requireHeader was used, it was not
properly transformed to a lowercase string. Now it is.
 2016-02-26 13:13:58 +01:00
Rob Wu
0872577729 Enforce a consistent coding style using eslint 2016-02-26 12:31:35 +01:00
Rob Wu
bbe3378c35 Tests: Replace space with dash in header name 
Node.js has forbidden header names with spaces in
6192c9892f.

The next error is thrown when the test sets the "some header" header:
Uncaught TypeError: Header name must be a valid HTTP Token ["some header"]

To fix it, replace spaces with dashes.
 2016-02-19 00:39:17 +01:00
Rob Wu
8568c06b17 Support proxying through a proxy - #37 
Automatically respects proxy headers from environment variables,
using https://github.com/Rob--W/proxy-from-env
 2016-02-19 00:22:20 +01:00
Rob Wu
a2f0c05b24 Add more tests for setHeaders 2015-08-23 10:58:58 +02:00
Nikolay Derkach
c5a3877e6c add setHeaders option 2015-08-22 16:49:59 -07:00
Rob Wu
837dee582c Add originBlacklist + originWhitelist 
- originWhitelist resolves #24
- originBlacklist may help with #32
 2015-08-16 01:05:26 +02:00
Rob Wu
0e594a2b03 Skip host check if scheme is explicitly set 
Fixes https://github.com/Rob--W/cors-anywhere/issues/14

This allows CORS anywhere to be forwards-compatible with the surge
of new gTLDs.
 2015-05-09 11:09:59 +02:00
Rob Wu
d437bc9225 Test that redirect headers are not set in response 2015-05-06 20:02:55 +02:00
Rob Wu
024d540e7c Fix test expectations for xfwd 2015-05-06 19:46:58 +02:00
Rob Wu
2d84862546 Upgrade http-proxy to 1.11.1 
All xfwd and tests fails with this change, but that's because the
tests themselves were incorrect (using port 80/443 instead of the
ephemeral ports created for the tests).
 2015-05-06 19:19:21 +02:00
Rob Wu
f98705f27b Add test for proxy error 2015-05-06 18:40:04 +02:00
Rob Wu
e8202aa31f Add more xfwd tests (https+http & http+https) 2015-05-06 18:20:11 +02:00
Rob Wu
056cb446fe x-forwarded-port should match the request port. 
Not the proxied one. These tests will now fail, but that's because
the current implementation is apparently incorrect.
 2015-05-06 12:08:53 +02:00
Rob Wu
80da247827 Add httpsOptions option to create https.Server 
Note: This does not work with the current version of node-http-proxy
and node 0.12.0 because req.connection.pair is not defined.
 2015-05-06 12:07:31 +02:00
Rob Wu
1ee157fc0f Add unit tests 2015-05-05 22:37:20 +02:00