fetch-bypass-cors

An implementation of fetch that bypasses CORS policies by proxying encrypted HTTPS requests via a WebSocket-to-TCP proxy.

It does not simply relay requests via an HTTP proxy. Rather, it establishes a connection that is fully encrypted between the client and the server, with the proxy relaying a TCP stream to work around the limitations of modern browsers. This allows you to access APIs that did not whitelist your domain without exposing user data to your server.

Originally developed by @M4GNV5 for neuland.app.

Example

Setting up the proxy

pip install websockify
websockify 3000 www.google.com:443

Using the proxy

import ProxiedConnection from 'fetch-bypass-cors'

const certs = [
  `-----BEGIN CERTIFICATE-----
  ...
  -----END CERTIFICATE-----`
]
const conn = new ProxiedConnection({
    // the host that is being proxied
    target: 'www.google.com',
    // the websocket server that was started above
    via: 'ws://localhost:3000',
    // the certificate store
    certs
})

// fetch google results (despite missing CORS headers!)
const resp = conn.fetch('https://www.google.com/search?q=test')
console.log(await resp.text())

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
proxy		proxy
src		src
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
LICENSE.md		LICENSE.md
README.md		README.md
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

fetch-bypass-cors

Example

Setting up the proxy

Using the proxy

About

Releases

Packages

Contributors 2

Languages

License

neuland-ingolstadt/fetch-bypass-cors

Folders and files

Latest commit

History

Repository files navigation

fetch-bypass-cors

Example

Setting up the proxy

Using the proxy

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages