mirror of
https://github.com/d0zingcat/cors-anywhere.git
synced 2026-05-13 23:16:51 +00:00
7271e29f21
-saves bytes, and avoids triggering IDS/WAF alarms since browser finger printing will prove these headers are unnatural and on SSL must be a MITM attack -leave x-forwarded-* intact since they can be used to block CORS proxy abuse if the not-CORS origin webmaster really has to block the proxy and they are not unique to Heroku platform
1.8 KiB
1.8 KiB