Wicker25/mitmproxy_CORSPreflight.py

## mitmproxy_CORSPreflight.py
# Title: Mitmproxy's addon for handling CORS preflight requests (tested with version 8.1.1)
# Usage: $ mitmproxy -s ./mitmproxy_CORSPreflight.py -p 8080 --ssl-insecure --mode reverse:https://www.google.com/

from mitmproxy import http

class CORSPreflight:
    def response(self, flow: http.HTTPFlow):
        origin = flow.request.headers.get('origin', '*')
        flow.response.headers['Access-Control-Allow-Origin'] = origin
        flow.response.headers['Access-Control-Allow-Credentials'] = 'true'

        if flow.request.method == "OPTIONS":
            flow.response.headers['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS'
            flow.response.headers['Access-Control-Allow-Headers'] = 'Content-Type'
            flow.response.headers['Access-Control-Max-Age'] = '86400'
            flow.response.status_code = 204
            flow.response.content = b''

addons = [
    CORSPreflight()
]
	# Title: Mitmproxy's addon for handling CORS preflight requests (tested with version 8.1.1)
	# Usage: $ mitmproxy -s ./mitmproxy_CORSPreflight.py -p 8080 --ssl-insecure --mode reverse:https://www.google.com/

	from mitmproxy import http

	class CORSPreflight:
	def response(self, flow: http.HTTPFlow):
	origin = flow.request.headers.get('origin', '*')
	flow.response.headers['Access-Control-Allow-Origin'] = origin
	flow.response.headers['Access-Control-Allow-Credentials'] = 'true'

	if flow.request.method == "OPTIONS":
	flow.response.headers['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS'
	flow.response.headers['Access-Control-Allow-Headers'] = 'Content-Type'
	flow.response.headers['Access-Control-Max-Age'] = '86400'
	flow.response.status_code = 204
	flow.response.content = b''

	addons = [
	CORSPreflight()
	]