A comprehensive, feature-rich CORS proxy server that enables cross-origin requests to any API. Supports all HTTP methods with multiple usage patterns and advanced configuration options.
- Full HTTP Method Support: GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD
- Multiple Usage Patterns: Query parameters, RESTful style, and request body
- Enhanced CORS Headers: Pre-configured for all cross-origin scenarios
- Flexible Request Configuration: Headers, body, and method customization
- Comprehensive Error Handling: Detailed error responses with status codes
- Multiple Content Type Support: JSON, text, binary data, and more
- Request Timeout: 30-second timeout for all requests
- Health Monitoring: Built-in health check endpoint
- RESTful URL Support: Path-based proxy routing
# Clone the repository
git clone <your-repo>
cd cors-proxy
# Install dependencies
npm install
# Start the server
npm start
# For development with auto-restart
npm run dev{
"express": "^4.18.2",
"cors": "^2.8.5",
"axios": "^1.6.0"
}// GET request
fetch('/proxy?url=https://api.example.com/data')
.then(response => response.json())
.then(data => console.log(data));
// GET with custom headers
fetch('/proxy?url=https://api.example.com/data&headers=' + encodeURIComponent(JSON.stringify({
'Authorization': 'Bearer your-token'
})))
.then(response => response.json());// POST request with body and headers
fetch('/proxy', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
url: 'https://api.example.com/users',
method: 'POST',
headers: {
'Authorization': 'Bearer your-token',
'Content-Type': 'application/json'
},
body: {
name: 'John Doe',
email: 'john@example.com'
}
})
})
.then(response => response.json());
// PUT request
fetch('/proxy', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
url: 'https://api.example.com/users/123',
method: 'PUT',
body: {
name: 'Jane Doe',
email: 'jane@example.com'
}
})
});
// DELETE request
fetch('/proxy', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
url: 'https://api.example.com/users/123',
method: 'DELETE'
})
});// Simple GET with path
fetch('/proxy/api.example.com/data')
.then(response => response.json());
// Full URL support
fetch('/proxy/https://jsonplaceholder.typicode.com/posts')
.then(response => response.json());- URL:
/proxy - Methods: ALL (GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD)
- Parameters:
url(string, required): Target URL to proxymethod(string, optional): HTTP method (defaults to GET or request method)headers(object, optional): Request headers as JSON stringbody(object, optional): Request body as JSON string (query params only)
- URL:
/proxy/* - Methods: ALL
- Description: Use the path as the target URL
- URL:
/health - Method: GET
- Response: Server status and timestamp
- URL:
/examples - Method: GET
- Response: Usage examples and patterns
PORT=3000 # Server port (default: 3000)The proxy automatically:
- Forwards most headers from the original request
- Adds
User-Agent: CORS-Proxy-Server/1.0 - Removes problematic headers (
host,connection,content-length) - Preserves
Content-Typeand other important headers
application/jsontext/*(text/plain, text/html, text/xml)- Binary data
- Multipart forms
The proxy returns structured error responses:
// Success Response
{
"data": "response data"
}
// Error Response
{
"message": "Error description",
"status": "error",
"statusCode": 400,
"error": "Detailed error information",
"url": "https://failed-url.com"
}400: Bad Request (invalid URL, missing parameters)500: Internal Server Error (proxy error)429: Too Many Requests (if rate limiting implemented)5xx: Forwarded from target API
async function makeProxyRequest() {
try {
const response = await fetch('/proxy', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
url: 'https://jsonplaceholder.typicode.com/posts',
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: {
title: 'foo',
body: 'bar',
userId: 1
}
})
});
if (!response.ok) {
throw new Error(`HTTP ${response.status}`);
}
const data = await response.json();
console.log('Success:', data);
return data;
} catch (error) {
console.error('Request failed:', error);
}
}import axios from 'axios';
const proxyRequest = async (targetUrl, method = 'GET', data = null) => {
const response = await axios({
method: 'POST',
url: '/proxy',
data: {
url: targetUrl,
method: method,
body: data,
headers: {
'Authorization': 'Bearer your-token'
}
}
});
return response.data;
};
// Usage
const result = await proxyRequest('https://api.example.com/data', 'POST', { key: 'value' });- Use HTTPS in production
- Implement rate limiting for public deployments
- Add authentication if needed
- Validate and sanitize target URLs
- Consider domain whitelisting for production use
- CORS Errors: Ensure you're using the proxy URL, not the target URL directly
- Timeout Errors: Check if target API is accessible and responsive
- JSON Parse Errors: Verify your request body is valid JSON
- Invalid URL: Ensure URLs include protocol (http:// or https://)
Enable logging by adding to your server code:
// Add this before the axios request
console.log('Proxying:', { url, method, headers });- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
Note: This proxy is designed for development and moderate usage. For high-traffic production environments, consider implementing additional security measures, rate limiting, and caching.