d0zingcat/cors-anywhere
1
0
Fork 0
mirror of https://github.com/d0zingcat/cors-anywhere.git synced 2026-05-13 23:16:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
69 Commits 1 Branch 0 Tags
c0048573e94ed1685797dc986d2f1682103ccab9
Commit Graph

43 Commits

Author SHA1 Message Date
Rob Wu
c0048573e9 Update gTLD list 2015-08-16 01:11:11 +02:00
Rob Wu
837dee582c Add originBlacklist + originWhitelist 
- originWhitelist resolves #24
- originBlacklist may help with #32
 2015-08-16 01:05:26 +02:00
Rob Wu
0e594a2b03 Skip host check if scheme is explicitly set 
Fixes https://github.com/Rob--W/cors-anywhere/issues/14

This allows CORS anywhere to be forwards-compatible with the surge
of new gTLDs.
 2015-05-09 11:09:59 +02:00
Rob Wu
903f3d32dc Update TLD list. 2015-05-06 20:15:50 +02:00
Rob Wu
fbf3ce9255 Update copyright year to 2015 2015-05-06 20:15:50 +02:00
Rob Wu
19de080098 Move inline jshint directive to .jshintrc 2015-05-06 20:15:50 +02:00
Rob Wu
b5d601f823 Verify and update links to node-http-proxy 2015-05-06 19:53:57 +02:00
Rob Wu
2d84862546 Upgrade http-proxy to 1.11.1 
All xfwd and tests fails with this change, but that's because the
tests themselves were incorrect (using port 80/443 instead of the
ephemeral ports created for the tests).
 2015-05-06 19:19:21 +02:00
Rob Wu
80da247827 Add httpsOptions option to create https.Server 
Note: This does not work with the current version of node-http-proxy
and node 0.12.0 because req.connection.pair is not defined.
 2015-05-06 12:07:31 +02:00
Rob Wu
6b54191df9 0.2.2 - Expose every response header #12 2014-10-05 16:14:49 +02:00
Rob Wu
0745b894c6 0.2.1 - Update URL parsing logic (fixes #9) 2014-08-29 16:30:50 +02:00
Rob Wu
90d81e7033 Update TLD list 2014-08-25 13:43:13 +02:00
Rob Wu
bd9af5849f Upgrade from http-proxy 0.10.x to 1.3.0 2014-08-25 13:39:25 +02:00
Rob Wu
beadd3fe77 v0.1.9 - Always use Access-Control-Allow-Origin: * 
Fixes #6
 2014-03-12 18:18:08 +01:00
Rob Wu
a322df91c4 Header checks after error checks 
With this commit, you will see the following messages instead of
"Missing required request header ...":

 /iscorsneeded = no with direct browsing
 /favicon.ico = 404 not found
 2013-09-10 23:10:14 +02:00
Rob Wu
d2023b45e1 Fix POST -> GET conversion on redirect 2013-08-30 11:42:51 +02:00
Rob Wu
a784fc96f8 Simplified demo.html; show proxyError on error 2013-08-29 19:20:40 +02:00
Rob Wu
cd97423db9 Fix memory leak 2013-08-29 15:17:19 +02:00
Rob Wu
a56fb8843c Add X-Final-URL 2013-08-29 10:12:03 +02:00
Rob Wu
721ba7609d Remove unused code 2013-08-28 21:04:48 +02:00
Rob Wu
3bb98d6bea Add X-CORS-Redirect-# header for debugging 2013-08-28 20:50:46 +02:00
Rob Wu
d7a6564574 Bind proxyRequest event handler once per proxy 
Optimization: Create onProxyResponse handler only once,
and bind it only once per HttpProxy instance
(opposed to binding it for every request)
 2013-08-28 19:48:52 +02:00
Rob Wu
96d237e7b3 [WIP] Support internal redirects 
TODO:
- Move proxyRequest elsewhere, and attach the request state to req
- Investigate the implications of calling req.emit('end');
  (It's called in order to trigger reverseProxy.end(), needed to start
  the redirect)
 2013-08-28 18:49:51 +02:00
Rob Wu
de0318bc4c Refactored; move URL parser to separate function 2013-08-28 17:35:23 +02:00
Rob Wu
c37e496dee Add extra documentation (in code). 
Removed ? from path's regexp, because
"http://cors-anywhere/" + "/domain.com/file" =
"http://cors-anywhere//domain.com/file" SHOULD be an invalid request.

"//domain.com/file" can be resolved to "http://domain.com/file", but
"/domain.com/file" should resolved to http://host/domain.com/file,
but since the host is unknown, the API should just fail.
 2013-08-28 13:17:58 +02:00
Rob Wu
198e927baa Use proxyRequest event instead of subst. writeHead 
Makes the code less dependent on implementation details.
 2013-08-28 11:49:39 +02:00
Rob Wu
9410ff5afa Remove manual redirect handling 
From now on, redirects will automatically be handled by the browser.
Using the API by clients has become extremely easy.

Included JavaScript / jQuery snippets in the documentation to
demonstrate that it's easy to use the API.
 2013-08-27 18:51:04 +02:00
Rob Wu
61d55ae41e Avoid preflight request by relaxing header req 
One of the following headers is required by default:
- Origin: This header is always sent with CORS requests.
- X-Requested-With: This header is automatically added by jQuery on
  same-origin requests.

These two headers effectively disable the ability to use the CORS
proxy for regular browsing.
 2013-08-27 16:15:10 +02:00
Rob Wu
6d9b268ecc Update header-modifying method - v0.1.4 
node-http-proxy sets headers before using writeHead.
 2013-07-23 22:29:02 +02:00
Rob Wu
b35a6f5ffb Redirect URL in statusText 
Android's stock browser (and Webview) does not recognize the
Access-Control-Expose-headers response header.
Use the status text field to pass through this information.

Updated demo and documentation.
 2013-07-23 21:55:32 +02:00
Rob Wu
aee875ac67 https -> target.https 2013-06-10 18:38:15 +02:00
Rob Wu
367b648114 Avoid double ports in host header 
Previously, it was possible that the host header looks
like domain.com:4444:4444 - obviously a bug.
 2013-06-10 18:15:25 +02:00
kybernetikos
808e1761ef Make the proxy request use the correct protocol (http/https). 
I discovered that the proxy request was using http even when it
was proxying to an https port / url.  This is because we didn't pass
the https parameter through in the proxyRequest method.
 2013-06-10 16:41:13 +01:00
Rob Wu
59d5bc6043 Set Host header based on actual input 
Fixes #1
 2013-03-30 17:40:54 +01:00
Rob W
407ba84a10 Avoid duplicate Access-Control-Expose-Headers 2013-01-05 11:05:32 +01:00
Rob W
eb5c57e729 Better description for non-proxied requests 2013-01-04 23:59:52 +01:00
Rob W
051858b480 Location -> X-Location 
xhr.getResponseHeader('Location') gives:
> Refused to get unsafe header "Location"
 2013-01-04 23:16:38 +01:00
Rob W
204edda774 Clean-up of unused methods 2013-01-04 23:00:27 +01:00
Rob W
968f8439b0 Added demo; Add original status at 333 redirects 2013-01-04 22:55:16 +01:00
Rob W
544a52b0ff Fix for 3xx redirects; Disabled credentials 2013-01-04 22:46:01 +01:00
Rob W
495a99ebde Docs update, added CORS to some responses. 2013-01-03 22:34:49 +01:00
Rob W
2cf2300afb More documentation and options. 2013-01-03 20:56:25 +01:00
Rob W
8a367bda4b CORS Anywhere - Initial commit 2013-01-03 18:46:50 +01:00