# rob--w/cors-anywhere

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/rob-w-cors-anywhere).**

9,347 stars · 6,558 forks · JavaScript · mit

## Links

- GitHub: https://github.com/Rob--W/cors-anywhere
- awesome-repositories: https://awesome-repositories.com/repository/rob-w-cors-anywhere.md

## Description

This project is a Node.js HTTP proxy server that enables cross-domain API requests from browsers by injecting Cross-Origin Resource Sharing headers into HTTP responses. It functions as a reverse proxy gateway and header manipulator, allowing for the interception and modification of traffic between a client and a target server.

The proxy provides mechanisms to bypass browser same-origin policy restrictions through automated header injection. It includes capabilities for origin-based rate limiting and request interception to control traffic flow and prevent unauthorized usage of the proxy service.

The system covers broad capability areas including request and response header modification, origin domain filtering via whitelists or blacklists, and the ability to route outgoing requests through intermediate proxy tunnels. It also handles recursive redirect resolution to retrieve final destination content and URLs.

## Tags

### Networking & Communication

- [CORS Proxies](https://awesome-repositories.com/f/networking-communication/cors-proxies.md) — Provides a proxy server that injects CORS headers into responses to bypass browser same-origin policy restrictions. ([source](https://github.com/Rob--W/cors-anywhere/blob/master/Procfile))
- [CORS Header Injection](https://awesome-repositories.com/f/networking-communication/proxy-headers/cors-header-injection.md) — Injects required Access-Control-Allow-Origin headers into responses to allow browsers to bypass same-origin policy restrictions.
- [Cross-Origin Networking](https://awesome-repositories.com/f/networking-communication/cross-origin-networking.md) — Enables API requests from web pages to servers that do not provide CORS headers via a proxy layer.
- [HTTP Proxies](https://awesome-repositories.com/f/networking-communication/http-proxies.md) — Functions as a middleman server that intercepts, modifies, and routes HTTP traffic between clients and destinations.
- [Proxy Headers](https://awesome-repositories.com/f/networking-communication/proxy-headers.md) — Implements utilities for modifying and forwarding HTTP request headers specifically for proxying purposes. ([source](https://github.com/Rob--W/cors-anywhere/blob/master/README.md))
- [Automatic Redirect Handlers](https://awesome-repositories.com/f/networking-communication/automatic-redirect-handlers.md) — Provides logic to automatically trace and follow HTTP redirect chains to retrieve the final destination content. ([source](https://github.com/Rob--W/cors-anywhere/blob/master/lib/help.txt))
- [Reverse Proxies](https://awesome-repositories.com/f/networking-communication/networking/reverse-proxies.md) — Operates as a reverse proxy gateway that routes requests while enforcing origin whitelists and security constraints.

### Security & Cryptography

- [HTTP Request Filtering](https://awesome-repositories.com/f/security-cryptography/http-request-filtering.md) — Inspects and filters incoming HTTP requests to validate origins and headers before forwarding traffic.
- [Access Restrictions](https://awesome-repositories.com/f/security-cryptography/access-restrictions.md) — Implements request filtering based on origin domains and headers to prevent unauthorized usage of the proxy server. ([source](https://github.com/Rob--W/cors-anywhere/blob/master/lib/help.txt))
- [Domain Whitelists](https://awesome-repositories.com/f/security-cryptography/domain-based-access-controls/domain-whitelists.md) — Controls access to the target server using whitelists and blacklists of originating domains. ([source](https://github.com/Rob--W/cors-anywhere#readme))
- [Proxy Security Header Enforcements](https://awesome-repositories.com/f/security-cryptography/network-infrastructure-security/web-network-security/web-security-policies/proxy-security-header-enforcements.md) — Enforces the presence of specific headers in incoming requests to block direct browser access and unauthorized traffic. ([source](https://github.com/Rob--W/cors-anywhere#readme))
- [Rate Limiting & Abuse Prevention](https://awesome-repositories.com/f/security-cryptography/rate-limiting-abuse-prevention.md) — Prevents service abuse by throttling request frequency from specific originating domains.

### Web Development

- [API Request Handling](https://awesome-repositories.com/f/web-development/api-management-tools/api-request-handling.md) — Intercepts and modifies HTTP headers on the fly to meet the requirements of target servers or APIs.
- [HTTP Header Manipulators](https://awesome-repositories.com/f/web-development/backend-development/request-response-handling/http-utilities/http-header-manipulators.md) — Provides utilities to add, remove, or filter request and response headers to manage metadata and bypass security restrictions.
- [Dynamic Request Forwarding](https://awesome-repositories.com/f/web-development/request-forwarding-mechanisms/dynamic-request-forwarding.md) — Translates incoming proxy requests into outgoing HTTP calls to a target server while preserving essential metadata.

### DevOps & Infrastructure

- [Rate Limiters](https://awesome-repositories.com/f/devops-infrastructure/rate-limiters.md) — Implements origin-based rate limiting to control request frequency and prevent abuse of the proxy service. ([source](https://github.com/Rob--W/cors-anywhere#readme))

### Software Engineering & Architecture

- [Rate Limiting](https://awesome-repositories.com/f/software-engineering-architecture/request-throttling/rate-limiting.md) — Caps request frequency from specific source domains to maintain system stability and prevent abuse.