Skip to content

Small application that proxies GET and POST requests to a backend which do not serve required CORS headers

License

Notifications You must be signed in to change notification settings

ludovicm67/cors-proxy

Repository files navigation

CORS proxy

Configuration

You can configure the application using the following environment variables:

  • SERVER_PORT: port this application should listen on (default: 8080),
  • SERVER_HOST: host this application should listen on (default: 0.0.0.0),
  • RATE_LIMIT_NUMBER: max number of allowed requests in a period of time (default: 60),
  • RATE_LIMIT_PERIOD: configure the period of time where requests should be counted (default: 5 minutes),
  • ALLOWED_HOSTNAMES: coma-separated list of allowed domains to proxy

Security considerations

By default, this application has a rate limit which you can easily configure. This is for preventing any spam.

It also contains a list of allowed domains. This should be explicitly defined. This prevents the make of untrusted requests to any other backend, which can be suspicious.

About

Small application that proxies GET and POST requests to a backend which do not serve required CORS headers

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Sponsor this project

 

Packages

No packages published