dev-ahmedhany/cloudflare-worker-quran-ksu.js

## cloudflare-worker-quran-ksu.js
// We support the GET, POST, HEAD, and OPTIONS methods from any origin,
// and allow any header on requests. These headers must be present
// on all responses to all CORS preflight requests. In practice, this means
// all responses to OPTIONS requests.
const corsHeaders = {
  "Access-Control-Allow-Origin": "*",
  "Access-Control-Allow-Methods": "GET,HEAD,POST,OPTIONS",
  "Access-Control-Max-Age": "86400",
}

// The rest of this snippet for the demo page
async function rawHtmlResponse(html) {
  return new Response(html, {
    headers: {
      "content-type": "text/html;charset=UTF-8",
    },
  })
}

async function handleRequest(request) {

  const url = new URL(request.url)
  let p = url.pathname
  if(p == "/")
  {
    p = "/m.php"
  }
  let apiUrl = "http://quran.ksu.edu.sa" + p + url.search;

  if(p == "/favicon.ico" || p == "/logo192.png" || p == "/logo512.png" ||
  p == "/manifest.json" || p == "/robots.txt" || p == "/js/wm.js" || p == "/js/engine.js")
  {
    apiUrl = "https://dev-ahmedhany.github.io/quran.ksu" + p + url.search;
  }

  // Rewrite request to point to API url. This also makes the request mutable
  // so we can add the correct Origin header to make the API server think
  // that this request isn't cross-site.
  request = new Request(apiUrl, request)
  request.headers.set("Origin", new URL(apiUrl).origin)
  let response = await fetch(request)

  if(p == "/m.php")
  {
    const originalBody = await response.text()
    const newBody = originalBody.replace(`<meta name="apple-mobile-web-app-capable" content="yes">`,
    `<meta name="apple-mobile-web-app-capable" content="yes">
<link rel="apple-touch-icon" href="./logo192.png" />
<link rel="manifest" href="./manifest.json" />`)
    // Recreate the response so we can modify the headers
    response = new Response(newBody, response)
  }
  else
  {
    // Recreate the response so we can modify the headers
    response = new Response(response.body, response)
  }
  response.headers.set("Cache-Control", "max-age=157680000")
  response.headers.delete("Pragma")

  // Set CORS headers
  //response.headers.set("Access-Control-Allow-Origin", "https://ayat.herokuapp.com")

  // Append to/Add Vary header so browser will cache response correctly
  //response.headers.append("Vary", "Origin")

  return response
}

function handleOptions(request) {
  // Make sure the necessary headers are present
  // for this to be a valid pre-flight request
  let headers = request.headers;
  if (
    headers.get("Origin") !== null &&
    headers.get("Access-Control-Request-Method") !== null &&
    headers.get("Access-Control-Request-Headers") !== null
  ){
    // Handle CORS pre-flight request.
    // If you want to check or reject the requested method + headers
    // you can do that here.
    let respHeaders = {
      ...corsHeaders,
    // Allow all future content Request headers to go back to browser
    // such as Authorization (Bearer) or X-Client-Name-Version
      "Access-Control-Allow-Headers": request.headers.get("Access-Control-Request-Headers"),
    }

    return new Response(null, {
      headers: respHeaders,
    })
  }
  else {
    // Handle standard OPTIONS request.
    // If you want to allow other HTTP Methods, you can do that here.
    return new Response(null, {
      headers: {
        Allow: "GET, HEAD, POST, OPTIONS",
      },
    })
  }
}

addEventListener("fetch", event => {
  const request = event.request
  const url = new URL(request.url)
  if (request.method === "OPTIONS") {
    // Handle CORS preflight requests
    event.respondWith(handleOptions(request))
  }
  else if(
    request.method === "GET" ||
    request.method === "HEAD" ||
    request.method === "POST"
  ){
    // Handle requests to the API server
    event.respondWith(handleRequest(request))
  }
  else {
    event.respondWith(
      new Response(null, {
        status: 405,
        statusText: "Method Not Allowed",
      }),
    )
  }
})
	// We support the GET, POST, HEAD, and OPTIONS methods from any origin,
	// and allow any header on requests. These headers must be present
	// on all responses to all CORS preflight requests. In practice, this means
	// all responses to OPTIONS requests.
	const corsHeaders = {
	"Access-Control-Allow-Origin": "*",
	"Access-Control-Allow-Methods": "GET,HEAD,POST,OPTIONS",
	"Access-Control-Max-Age": "86400",
	}

	// The rest of this snippet for the demo page
	async function rawHtmlResponse(html) {
	return new Response(html, {
	headers: {
	"content-type": "text/html;charset=UTF-8",
	},
	})
	}

	async function handleRequest(request) {

	const url = new URL(request.url)
	let p = url.pathname
	if(p == "/")
	{
	p = "/m.php"
	}
	let apiUrl = "http://quran.ksu.edu.sa" + p + url.search;

	if(p == "/favicon.ico" \|\| p == "/logo192.png" \|\| p == "/logo512.png" \|\|
	p == "/manifest.json" \|\| p == "/robots.txt" \|\| p == "/js/wm.js" \|\| p == "/js/engine.js")
	{
	apiUrl = "https://dev-ahmedhany.github.io/quran.ksu" + p + url.search;
	}

	// Rewrite request to point to API url. This also makes the request mutable
	// so we can add the correct Origin header to make the API server think
	// that this request isn't cross-site.
	request = new Request(apiUrl, request)
	request.headers.set("Origin", new URL(apiUrl).origin)
	let response = await fetch(request)

	if(p == "/m.php")
	{
	const originalBody = await response.text()
	const newBody = originalBody.replace(`<meta name="apple-mobile-web-app-capable" content="yes">`,
	`<meta name="apple-mobile-web-app-capable" content="yes">
	<link rel="apple-touch-icon" href="./logo192.png" />
	<link rel="manifest" href="./manifest.json" />`)
	// Recreate the response so we can modify the headers
	response = new Response(newBody, response)
	}
	else
	{
	// Recreate the response so we can modify the headers
	response = new Response(response.body, response)
	}
	response.headers.set("Cache-Control", "max-age=157680000")
	response.headers.delete("Pragma")

	// Set CORS headers
	//response.headers.set("Access-Control-Allow-Origin", "https://ayat.herokuapp.com")

	// Append to/Add Vary header so browser will cache response correctly
	//response.headers.append("Vary", "Origin")

	return response
	}

	function handleOptions(request) {
	// Make sure the necessary headers are present
	// for this to be a valid pre-flight request
	let headers = request.headers;
	if (
	headers.get("Origin") !== null &&
	headers.get("Access-Control-Request-Method") !== null &&
	headers.get("Access-Control-Request-Headers") !== null
	){
	// Handle CORS pre-flight request.
	// If you want to check or reject the requested method + headers
	// you can do that here.
	let respHeaders = {
	...corsHeaders,
	// Allow all future content Request headers to go back to browser
	// such as Authorization (Bearer) or X-Client-Name-Version
	"Access-Control-Allow-Headers": request.headers.get("Access-Control-Request-Headers"),
	}

	return new Response(null, {
	headers: respHeaders,
	})
	}
	else {
	// Handle standard OPTIONS request.
	// If you want to allow other HTTP Methods, you can do that here.
	return new Response(null, {
	headers: {
	Allow: "GET, HEAD, POST, OPTIONS",
	},
	})
	}
	}

	addEventListener("fetch", event => {
	const request = event.request
	const url = new URL(request.url)
	if (request.method === "OPTIONS") {
	// Handle CORS preflight requests
	event.respondWith(handleOptions(request))
	}
	else if(
	request.method === "GET" \|\|
	request.method === "HEAD" \|\|
	request.method === "POST"
	){
	// Handle requests to the API server
	event.respondWith(handleRequest(request))
	}
	else {
	event.respondWith(
	new Response(null, {
	status: 405,
	statusText: "Method Not Allowed",
	}),
	)
	}
	})