Medium Door - moor is a WWW proxy that fetches data from given URL (bypassing CORS and while(1) anti-JSON-hijack trap).
It was primarily created for fetching data from Medium-based blogs, where you do not have any kind of API, and instead you must retrieve data like Mediums' frontend does: from %PATH%/?format=json. There were two caveats though:
- CORS did not allow requests from non-medium-dot-com domain,
- it begins with
])}while(1);</x>
For that moor has come to life.
moor2 is different from the original moor by being serverless (prepared to host on zeit.co). This way it should be cheaper and require even less maintenance than before.
That's up to you. I use it on my website to get my latest post title and link :-).
- Clone this repository
- Configure https://zeit.co project
- Deploy and have fun
Just to be extra sure, moor2 requires you to set up a token. If you try to request a proxy for a URL without a token, or with an invalid one, you will get 401 Unauthorized.
The token is fetched from TOKEN environment variable.
In order to prevent malicious requests from third parties there is CORS support implemented.
In order to set CORS domain use ALLOW_ORIGIN environment variable (ALLOW_ORIGIN=*).
You can set ignored endpoints (ones that will NOT be fetched) in generic_definitions.go.
Blocked characters amount is the amount of characters that prefix the JSON output. It's default value can be seen in moor/generic_definitions.go but you can also overwrite it using MOOR_BLOCKER_CHARACTERS_AMOUNT environment variable (as seen in moor/http_client.go). Default value is enough to remove Medium's trap.
GET your.moor.instance.now.sh/api/medium?url=URL_ENCODE(URL_TO_FETCH)&token=token
If you wish to contribute please create a pull request or an issue.