AverageMarcus/cors-proxy
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Files
352ae3a84067697306a220119f8226440df5d82d
cors-proxy/index.js
Marcus Noble 352ae3a840 Added domain limit details to webpage 
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-08-23 09:00:37 +01:00

98 lines
2.9 KiB
JavaScript
Raw Blame History

"use strict";
const request = require('request');
const http = require('http');
const url = require('url');
const fs = require('fs').promises;
let PORT = process.env.PORT || 8000;
let blockList = (process.env.BLOCKLIST || '').split(',').filter(a => a);
console.log("Blocklist:", blockList);
let allowList = (process.env.ALLOWLIST || '').split(',').filter(a => a);
console.log("AllowList:", allowList);
process.argv.forEach(function (arg) {
if(arg.indexOf('--port=') === 0) {
PORT = parseInt(arg.replace('--port=', ''), 10);
}
});
http.createServer((req, response) => {
if (!req.url.substring(1)) {
return loadWebpage(req, response);
}
let remoteURL = url.parse(req.url.substring(1));
if(!remoteURL.hostname || remoteURL.hostname === 'localhost') return response.end();
if(blockList.some(b => remoteURL.hostname == b || remoteURL.hostname.endsWith("." + b))) {
console.log("Domain is in blocklist")
return response.end();
}
if(allowList.length > 0 && !allowList.some(b => remoteURL.hostname == b || remoteURL.hostname.endsWith("." + b))) {
console.log("Domain is not in allowlist")
return response.end();
}
if(req.method === 'OPTIONS') {
response.writeHead(200, {
'access-control-allow-origin': req.headers.origin || '*',
'access-control-allow-headers': 'Origin, X-Requested-With, Content-Type, Accept, authorization'
});
return response.end();
}
for(let key in req.headers) {
if(key.match(/host|cookie/ig)){
delete req.headers[key];
}
}
let config = {
url: remoteURL,
followAllRedirects: true,
method: req.method,
headers: req.headers,
gzip: true
};
if(req.method !== 'HEAD') {
config.body = req;
}
request(config)
.on('response', res => {
res.headers['access-control-allow-origin'] = req.headers.origin || '*';
res.headers['access-control-allow-headers'] = 'Origin, X-Requested-With, Content-Type, Accept, authorization';
delete res.headers['access-control-allow-credentials'];
delete res.headers['access-control-allow-methods'];
delete res.headers['content-encoding'];
delete res.headers['content-length'];
delete res.headers['x-frame-options'];
response.writeHead(res.statusCode, res.headers);
})
.on('data', function(data) {
response.write(data);
})
.on('error', () => response.end())
.on('end', () => response.end());
}).listen(PORT);
function loadWebpage(req, res) {
fs.readFile(__dirname + "/index.html", { encoding: 'utf8' })
.then(contents => {
res.setHeader("Content-Type", "text/html");
res.writeHead(200);
res.end(
contents
.replaceAll('[[BLOCKLIST]]', JSON.stringify(blockList))
.replaceAll('[[ALLOWLIST]]', JSON.stringify(allowList))
);
})
.catch(err => {
res.writeHead(500);
res.end(err);
return;
});
}
Reference in New Issue View Git Blame Copy Permalink