Cors proxies

readme.md

Service	SSL	status	Response Type	Allowed methods	Allowed headers	Exposed headers	Follow redirect	Streamable	WebSocket	Upload limit	Download limit	Country code	Comments
CORS bridged	✅	Mirrored	Raw	*	All but expect Forbidden headers	❓	❓	❓	❓	16mb/request	❓	US (CA)	Blog for docs & Testing
cors-anywhere	✅	Mirrored	Raw	*	*	*	Up to 5x	❓	❓	❓	❓	US	Require Origin header
cors-anywhere @ glitch	✅	Mirrored	Raw	❓	❓	❓	❓	❓	❓	❓	❓	❓	source
thingproxy	✅	❓	❓	*	❓	❓	❓	❓	❓	100kb	100kb	US	Max 10 req/sec
Whatever Origin	❌	❌	jsonp	GET	None	None	❓	❌	❌	❓	❓	US
Go Between	✅	❓	❓	❓	❓	❓	❓	❓	❓	❓	❓	❓
goxcors	✅	Allways 200	Raw	*	*	None	✅	❓	❓	❓	❓	US	POST type is limited to x-www-form-urlencoded Have a werd api Response Type is Allways text/html
YaCDN	✅	Not mirrored	Raw	GET	None	❌	Up to 22x	❓	❓	❓	❓	FR	CDN, ignores browsers headers
All Origins	✅	Only code in json	Json, jsonp, Raw	*	❌	None	✅	❓	❓	❓	❓	US	When using raw you loose status information
Cloudflare Cors Anywhere	✅	Only code mirror (not statusText)	Raw	*	All but expect Forbidden headers	none	✅	❌	❓	none	none	❓	100,000 requests/day 1,000 requests/10 minutes
JSONProxy	✅	❓	❓	GET	❓	❓	❓	❓	❓	❓	❓	❓

Possible dead

cors.io

✅

Only code mirror

Raw

GET, HEAD

❓

❓

✅

❓

❓

❓

❓

US

crossorigin.me

✅

❓

❓

GET

❓

❓

❓

❓

❓

2MB

2MB

US

Require Origin header

HTML Driven

✅

❓

❓

❓

❓

❓

❓

❓

❓

❓

❓

❓

Taskcluster

✅

❓

❓

*

❓

❓

❓

❓

❓

❓

❓

US

All request must be made within the request body Only whitelisted for taskcluster

anyorigin

❌

❓

jsonp

GET

none

none

❓

❌

❌

❌

❓

US

@softmarshmallow Will do!

Do you know if they allow sending/reading headers in some other form other than directly onto the request headers?
Browsers blocks some request headers from being sent & read

Another issue that one of my private CORS proxy is solving is the ability to set/remove certain headers on the request/response

new Headers({
   // send a cookie that is forbidden otherwise
  'x-cors-set-request-headers': 'cookie: value',

  // pretend that i'm making a request from another origin
  'x-cors-set-request-headers': 'origin: example.com',

  // Remove restriction that don't allow page to work in a iframe
  'x-cors-delete-response-headers': 'csp', 
  'x-cors-delete-response-headers': 'X-Frame-Options',

  // override text/plain so it can render properly
  'x-cors-set-response-headers': "content-type: text/html"
})

i know that some REST Apis with CORS enabled already exist but they really limit it to there own domain by checking if
http://example.com is allowed to make request to http://api.example.com by looking at the origin header so there is no way to fake that I'm making a request from http://example.com if i'm not allowed to set a forbidden header origin

The "I don't want to host this myself" state of affairs April 2021:

• CORS Bridged: Requires signup
• cors-anywhere: Requires opt in
• cors-anywhere glitch: Suspended
• thingproxy: Wrong link, dead anyway
• whateverorigin: Dead
• gobetween: Dead
• goxcors: Dead
• Yacdn: Dead
• Allorigins: Works (some gzip issues)
• Cloudflare CORS: Broken
• JSON Proxy: Dead

This list was shared/copied a lot, probably the reason why many is dead now.

and most of the shared repo here for cloudflare workers are not working anymore but glad I found all origins, it saved me a lot of time. Cloudflare-cors-anywhere doens't work with cloudflare workers that returns a json body due to 403 forbidden headers (when I do the fetch inside the worker panel it works fine) but it works on graphql queries though from my use case

I just made this with almost all the options that @jimmywarting suggested. Haven't tested much but it should works :)

Can you add https://corsproxy.io? It's made by my company and many other companies use it to develop javascript applications. It's made in Germany, 100% gdpr compliant and runs on a global CDN. We currently serve 2.5 Mio requests per day :)

Can you add https://corsproxy.io? It's made by my company and many other companies use it to develop javascript applications. It's made in Germany, 100% gdpr compliant and runs on a global CDN. We currently serve 2.5 Mio requests per day :)

Looks promising, it would be really nice if it has query options to modify the proxy request like adding or removing headers. Great work!

Looks promising, it would be really nice if it has query options to modify the proxy request like adding or removing headers. Great work!

Thank you for the feedback! We‘ll definitively add this feature. It may takes two to three weeks :)

👍 for https://corsproxy.io

Site is awesome.

Can we find documentation about this https://corsproxy.io/ @mariusbolik .

Can you add https://corsproxy.io? It's made by my company and many other companies use it to develop javascript applications. It's made in Germany, 100% gdpr compliant and runs on a global CDN. We currently serve 2.5 Mio requests per day :)

is it safe to use

@vsn530 Assuming Marius was being 100% honest (I don't doubt he was), the claim is thei're GDPR compliant and have no logs. (which if they're based in Germany, violating is a hefty fine!), but anyway you shouldn't be sending highly confidential data/credentials through a free proxy you don't own.

@vsn530 Assuming Marius was being 100% honest (I don't doubt he was), the claim is thei're GDPR compliant and have no logs. (which if they're based in Germany, violating is a hefty fine!), but anyway you shouldn't be sending highly confidential data/credentials through a free proxy you don't own.

To avoid that you should just setup your own server. The corsproxy.io just for things that don't contain important data and not worth to create a server for them.

By the way I'm still waiting for their request headers modify feature ;D

@softmarshmallow unfortunately I tried your service and you're not setting the right headers for me to make requests from the frontend

@sw-yx cors.bridged.cc requires an API key now see https://github.com/gridaco/base/issues/23 for more information

Can you add https://corsproxy.io? It's made by my company and many other companies use it to develop javascript applications. It's made in Germany, 100% gdpr compliant and runs on a global CDN. We currently serve 2.5 Mio requests per day :)

Is it going to be reliable? I mean will it get shut down like the other ones at some point in the future? It works great.

Hi @bytezeroseven,

thank you for your message and sorry for the bit delayed answer. I’m glad you like https://corsproxy.io.

Our Network also runs a lot bigger services than our CORS Proxy. We have enough computing power to run the project in the long term. We are also adding a newsletter to the site very soon so that users can receive early notification of outages and maintenance. And we are planning to add some premium features to refinance the project to make sure it lasts a long time. :)

Regards,
Marius

just left a request for an api key at cors.bridged.cc. Its just for a few students to do some projects with apis they want to use. I'll update on the process - see if I get an answer, a key, etc. For now we are using corsproxy.io. I can't believe how fast it is.

Hi @bytezeroseven,

thank you for your message and sorry for the bit delayed answer. I’m glad you like https://corsproxy.io.

Our Network also runs a lot bigger services than our CORS Proxy. We have enough computing power to run the project in the long term. We are also adding a newsletter to the site very soon so that users can receive early notification of outages and maintenance. And we are planning to add some premium features to refinance the project to make sure it lasts a long time. :)

Regards, Marius

Will modify request/response feature (add request headers, etc...) be added?

@mariusbolik Does corsproxy.io follow redirects?

Will modify request/response feature (add request headers, etc...) be added?

Yes, this is on our roadmap!

Just pinging in. I'm preparing my cors.bridged.cc back to free & public again. with the new domain under https://cors.sh/ (It's not online for now)
This might take some time for me, few weeks, may be a month. I'll let the subscribers here know once the service is ready. :)

corsproxy helped me with the toughest api that none of the other proxies were set up right for. It’s full service. Love it! Thank you!

@mariusbolik your proxy is amazing! Thank you. We are using it for educational reasons, nothing big or serious, but it helps our students use the APIs they actually like.

@femke77 thank you! I appreciate your words!

@mariusbolik I have a project due for my university course this week and we can't have the examiner use any browser addons that would bypass the cors error.

Your service has saved me, If this project was not here I would not be able to gain my qualification.

Thank you and thanks to anyone involved, I just wish I knew the words to express my thanks.

Using @mariusbolik 's service for the first time today and it has worked super fine for me. Thanks for the great work!

@mariusbolik Does corsproxy.io follow redirects?

@mariusbolik thank you for your service, I'm using it for another free service at https://ec2instances.github.io/ works like a charm!

@mariusbolik Have headers modification feature been added? Thanks for such a great service anyway.