- Add checkRateLimit option to the API.
- Extend the default server.js with environment variables
CORSANYWHERE_WHITELIST (re-using originWhitelist) and
CORSANYWHERE_RATELIMIT (using the new checkRateLimit option)
to make it easy to enforce usage limits.
- Document that Heroku doesn't want open proxies.
Some clients try to use CORS Anywhere, even for same-origin requests...
Add a new setting "redirectSameOrigin" to not waste server resources on
proxying such requests.
Fixes#42
One of the following headers is required by default:
- Origin: This header is always sent with CORS requests.
- X-Requested-With: This header is automatically added by jQuery on
same-origin requests.
These two headers effectively disable the ability to use the CORS
proxy for regular browsing.
