Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Cors proxies
Service SSL status Response Type Allowed methods Allowed headers Exposed headers Follow redirect Streamable WebSocket Upload limit Download limit Country code Comments
cors-anywhere Mirrored Raw * * * Up to 5x US Require Origin header GET 2MB 2MB US Require Origin header
HTML Driven
Taskcluster * US All request must be made within the request body
Only whitelisted for taskcluster
anyorigin jsonp GET none none US
thingproxy * 100kb 100kb US Max 10 req/sec
Whatever Origin jsonp GET None None US Only code mirror Raw GET, HEAD US
Go Between
goxcors Allways 200 Raw * * None US POST type is limited to x-www-form-urlencoded
Have a werd api
Response Type is Allways text/html
YaCDN Not mirrored Raw GET None Up to 22x FR CDN, ignores browsers headers
All Origins Only code in json Json, jsonp, Raw * * None US When using raw you loose status information

This comment has been minimized.

Copy link
Owner Author

commented May 1, 2019

For CORS creator

A good cors proxy should

  • allow requested method & headers in preflight request
res.header('Access-Control-Allow-Methods', req.header('Access-Control-Request-Method'))
res.header('Access-Control-Allow-Headers', req.header('Access-Control-Request-Headers')) 
  • Send back
    • responseCode
    • responseText
    • raw data (in case someone wants to work with binary)
    • and expose all response header that came from making the request
      (and potentially prefix set-cookie & location with something)
  • dose not use but instead uses
    which allows for more option like
    • overriding method
    • sending forbidden headers
    • ignoring headers sent by the browser
    • set, delete or append request/response headers
    • control redirect (some want to read headers that are in the redirect)
    • putting the body in url for some reason


anyorigin, htmldriven & don't seems to not work atm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.