d0zingcat/cors-anywhere
1
0
Fork 0
mirror of https://github.com/d0zingcat/cors-anywhere.git synced 2026-05-13 15:09:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
118 Commits 1 Branch 0 Tags
7222fce684c0c076be7bac4703f341735d48d8fa
Commit Graph

41 Commits

Author SHA1 Message Date
Rob Wu
7222fce684 Extend supported Node.js from <=9 to <=14 2020-05-02 16:45:42 +02:00
Rob Wu
4814647a9d Reject invalid requests instead of crashing (#142) 2018-10-31 23:58:21 +01:00
Rob Wu
462f844e22 Fix failing test in test/test-ratelimit 2018-10-31 12:28:55 +01:00
Rob Wu
7b6ce1a3df Fix failing tests for 0.10.x, 4.x and 5.x 
Travis build failed on "Uncaught TypeError: Object.keys called on non-object".
That's a real error (res._headers was initially null until a header is set).
 2017-11-11 02:08:44 +01:00
Rob Wu
d2b5dd38bb Add Node 9.x to Travis 
Locally tested that the tests pass with Node 9.0.0 and 9.1.0
Also modified a test expectation for Node 9.0.0+
 2017-11-11 01:32:39 +01:00
Rob Wu
4a46541da4 Catch error due to invalid status code (#95) 2017-11-08 22:23:58 +01:00
Jack Tench
49d429dd60 Do not send Access-Control-Max-Age header if corsMaxAge is 0 (default) 2017-07-14 13:22:53 +01:00
Jack Tench
10df7c9f4a Rename maxAge to corsMaxAge and set the default corsMaxAge to 0. 
Set corsAnywhereRequestState before calling withCORS and use the state instead of a parameter to get corsMaxAge.
 2017-07-14 12:29:15 +01:00
Jack Tench
881392cfaf Add maxAge config option. If set, an Access-Control-Max-Age header with this value (in seconds) will be added. 2017-07-13 19:13:37 +01:00
Rob Wu
70400ab166 Monkey-patch nock, add Node v8 to test matrix 2017-07-13 18:58:29 +02:00
Rob Wu
f016bd71f5 Update test expectation for "100 GET requests 50k" 
Locally Node v7 and v8 also have higher memory expectations,
so just use the same maximum memory value for v0.x and non-v0.x.
 2017-07-13 18:57:26 +02:00
Rob Wu
ded44cb5d0 Upgrade supertest + nock to recent version 
The most recent version that was explicitly marked as compatible with
Node.js 0.10.x
 2017-07-13 17:32:45 +02:00
Rob Wu
6c4234f2b3 Add rate-limiting functionality #45 
- Add checkRateLimit option to the API.
- Extend the default server.js with environment variables
  CORSANYWHERE_WHITELIST (re-using originWhitelist) and
  CORSANYWHERE_RATELIMIT (using the new checkRateLimit option)
  to make it easy to enforce usage limits.
- Document that Heroku doesn't want open proxies.
 2016-05-31 00:52:26 +02:00
Rob Wu
f07bdc4ea0 Add examples for modifying requests or responses 2016-05-14 23:16:45 +02:00
Rob Wu
e6695b8102 Add redirectSameOrigin 
Some clients try to use CORS Anywhere, even for same-origin requests...
Add a new setting "redirectSameOrigin" to not waste server resources on
proxying such requests.

Fixes #42
 2016-03-19 18:35:17 +01:00
Rob Wu
66fdd6e662 100% test coverage :) 2016-02-26 18:23:29 +01:00
rodrigopavezi
9f389e6f41 Added option for a custom help file 2016-02-26 14:16:20 -03:00
Rob Wu
ee93f70dc3 Increment threshold for memory failure on Node 0.x 2016-02-26 17:05:06 +01:00
Rob Wu
f081fe2ccf Fix tests: Explicitly start and close servers 
Otherwise these tests fail on Node 0.10.x
 2016-02-26 16:58:07 +01:00
Rob Wu
1308e34247 More test coverage for redirects 2016-02-26 16:10:53 +01:00
Rob Wu
35932a0ac1 Add tests for misbehaving servers + fix bug 2016-02-26 15:51:17 +01:00
Rob Wu
16b1a7e3a0 requireHeader: Improve coverage and fix bug 
When the single-string version of requireHeader was used, it was not
properly transformed to a lowercase string. Now it is.
 2016-02-26 13:13:58 +01:00
Rob Wu
0872577729 Enforce a consistent coding style using eslint 2016-02-26 12:31:35 +01:00
Rob Wu
bbe3378c35 Tests: Replace space with dash in header name 
Node.js has forbidden header names with spaces in
6192c9892f.

The next error is thrown when the test sets the "some header" header:
Uncaught TypeError: Header name must be a valid HTTP Token ["some header"]

To fix it, replace spaces with dashes.
 2016-02-19 00:39:17 +01:00
Rob Wu
8568c06b17 Support proxying through a proxy - #37 
Automatically respects proxy headers from environment variables,
using https://github.com/Rob--W/proxy-from-env
 2016-02-19 00:22:20 +01:00
Rob Wu
a2f0c05b24 Add more tests for setHeaders 2015-08-23 10:58:58 +02:00
Nikolay Derkach
c5a3877e6c add setHeaders option 2015-08-22 16:49:59 -07:00
Rob Wu
837dee582c Add originBlacklist + originWhitelist 
- originWhitelist resolves #24
- originBlacklist may help with #32
 2015-08-16 01:05:26 +02:00
Rob Wu
f8f718ead8 Add tests for memory leaks 
Using the performNRequests, I collected the following statistics
before choosing the maximum allowed "leaked" memory.

Node.js 0.12.2,
Using the http module ('use-http-instead-of-cors-anywhere'):

Memory usage delta: 132800 (100 requests of 50 kb each, 250ms)
Memory usage delta: 110144 (100 requests of 1 kb each, 172ms)
Memory usage delta: 709936 (1000 requests of 1 kb each, 902ms)
Memory usage delta: 865104 (10000 requests of 1 kb each, 7073ms)
Memory usage delta: 930416 (100000 requests of 1 kb each, 62856ms)

Using CORS Anywhere:

Memory usage delta: 356784 (100 requests of 50 kb each, 1004ms)
Memory usage delta: 355248 (100 requests of 1 kb each, 641ms)
Memory usage delta: 1326856 (1000 requests of 1 kb each, 3338ms)
Memory usage delta: 1462584 (10000 requests of 1 kb each, 21186ms)
Memory usage delta: 1473624 (100000 requests of 1 kb each, 211202ms)

Clearly, there is a small leak, but it is not proportional/linear
in terms of the number of requests, so the observed "leak" is probably
not an issue. Furthermore, the "leak" also occurs with the plain
http module.

After setting fixed limits, I ran the tests on Node.js 0.10.25 and
observed that the tests failed due to the too low limits, so I
incremented the limits (400 -> 550, 1500 -> 2000).
 2015-05-09 11:23:27 +02:00
Rob Wu
0e594a2b03 Skip host check if scheme is explicitly set 
Fixes https://github.com/Rob--W/cors-anywhere/issues/14

This allows CORS anywhere to be forwards-compatible with the surge
of new gTLDs.
 2015-05-09 11:09:59 +02:00
Rob Wu
d437bc9225 Test that redirect headers are not set in response 2015-05-06 20:02:55 +02:00
Rob Wu
024d540e7c Fix test expectations for xfwd 2015-05-06 19:46:58 +02:00
Rob Wu
2d84862546 Upgrade http-proxy to 1.11.1 
All xfwd and tests fails with this change, but that's because the
tests themselves were incorrect (using port 80/443 instead of the
ephemeral ports created for the tests).
 2015-05-06 19:19:21 +02:00
Rob Wu
f98705f27b Add test for proxy error 2015-05-06 18:40:04 +02:00
Rob Wu
e8202aa31f Add more xfwd tests (https+http & http+https) 2015-05-06 18:20:11 +02:00
Rob Wu
056cb446fe x-forwarded-port should match the request port. 
Not the proxied one. These tests will now fail, but that's because
the current implementation is apparently incorrect.
 2015-05-06 12:08:53 +02:00
Rob Wu
80da247827 Add httpsOptions option to create https.Server 
Note: This does not work with the current version of node-http-proxy
and node 0.12.0 because req.connection.pair is not defined.
 2015-05-06 12:07:31 +02:00
Rob Wu
1ee157fc0f Add unit tests 2015-05-05 22:37:20 +02:00
Rob Wu
f0bdb5ffd1 Remove manual leak test 
webkit-devtools-agent (tested with 0.2.4 and 0.3.1) is incompatible with
Node 0.12.0. The manual test adds no value at this point, so it has been
removed, including the dependencies (webkit-devtools-agent).
 2015-05-05 18:08:33 +02:00
Rob Wu
7983d1e7ae Update dev dependency 
To test for mem leaks, just run node test/runner.js
and follow the instructions.
 2014-01-03 14:21:49 +01:00
Rob Wu
b76d6457f0 Add some tests (mainly interested in memleak test) 
If you wish to check if the API works, launch demo.html,
set the global cors_api_url variable to your local instance,
enter an URL and press "GET" or "POST".
 2013-08-29 14:25:20 +02:00