mirror of
https://github.com/d0zingcat/cors-anywhere.git
synced 2026-05-13 15:09:25 +00:00
61d55ae41e
One of the following headers is required by default: - Origin: This header is always sent with CORS requests. - X-Requested-With: This header is automatically added by jQuery on same-origin requests. These two headers effectively disable the ability to use the CORS proxy for regular browsing.
30 lines
1.3 KiB
Plaintext
30 lines
1.3 KiB
Plaintext
This API enables cross-origin requests to anywhere.
|
|
|
|
Usage:
|
|
|
|
/ Shows help
|
|
/iscorsneeded This is the only resource on this host which is served without CORS headers.
|
|
/<url> Create a request to <url>, and includes CORS headers in the response.
|
|
|
|
If the protocol is omitted, it defaults to http (https if port 443 is specified).
|
|
|
|
Cookies are disabled and stripped from requests.
|
|
|
|
Redirects are not automatically followed: The API response has status code 333.
|
|
The client ought to confirm this redirection by creating a new request (the url
|
|
is available in the Location response header).
|
|
For user agents who do not support the Access-Control-Expose-Headers response header,
|
|
the information is available in the status text as "<HTTP STATUS CODE> <LOCATION HEADER>".
|
|
|
|
|
|
The requested URL is available in the X-Request-URL response header. Non-existence of this
|
|
header implies that the requested URL was not recognized.
|
|
|
|
To prevent the use of the proxy for casual browsing, the API requires either the Origin
|
|
or the X-Requested-With header to be set. To avoid unnecessary preflight (OPTIONS) requests,
|
|
it's recommended to not manually set these headers in your code.
|
|
|
|
|
|
Demo : https://robwu.nl/cors-anywhere.html
|
|
Source code : https://github.com/Rob--W/cors-anywhere/
|