MCPcopy Index your code
hub / github.com/Shivam010/bypass-cors

github.com/Shivam010/bypass-cors @v1.1.0

Chat with this repo
repository ↗ · DeepWiki ↗ · release v1.1.0 ↗ · + Follow
28 symbols 65 edges 5 files 14 documented · 50%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Note: This repository and project is for educational and testing purposes only, any illegal or bad use of project or its hosted service https://non-cors.herokuapp.com is solely the responsibility of the users using it. Me or the contributors has nothing to do with that.

Also, the hosted service https://non-cors.herokuapp.com has been disabled for now, for safety. Sorry for any inconvenience.

bypass-cors

a proxy server to bypass CORS (Cross-Origin Resource Sharing) enabled servers

Proxy your requests just by prefixing your request URL with: https://non-cors.herokuapp.com/ with all the headers and payload as it is.

CORS ?

Browsers enforce same origin policy (CORS) to protect the users from XSS (Cross Site Scripting) among several other types of attacks.

In short, browsers blocks all the requests which are not originated from the same origin as that of the web-page.

But this feature banes the developer from accessing data from different servers. Luckily, there's a way out of this, and that's what bypass-cors uses.

How does bypass-cors proxy CORS ?

Whenever we make a cross origin request, browsers set a request header called Origin, to give the information about the requester, and uses the CORS policy to block the non-origin requests. And checks the Response Header for Access-Control header values according to CORS policy.

Hence, if we can change the response headers in our favor than we can easily tricks the browser, and this is what the bypass-cors proxy server does.

It acts as a middleware and make request to the destined server, obtain response, and adds/sets some relevant headers with the response and sends it back to you, tricking the browser.

Examples

Proxy your requests just by prefixing your request URL with: https://non-cors.herokuapp.com/ with all the headers and payload as it is. bypass-cors supports all types of http.Method requests.

https://non-cors.herokuapp.com/<Your-URL> + Request Header & Body (if any)

```http request GET https://joke-api-strict-cors.appspot.com/jokes/ten ==> GET https://non-cors.herokuapp.com/https://joke-api-strict-cors.appspot.com/jokes/ten

```

Request for Contribution

Changes and improvements are more than welcome!

Feel free to fork, create issues or pull a request here.

Please make your changes in a specific branch and request to pull into master! If you can please make sure that the changes work properly and does not affect the functioning of the website before sending a Pull Request, as that will help speed up the process.

License

The application, its design and its code all are licensed under the MIT license.

Extension points exported contracts — how you extend this code

Core symbols most depended-on inside this repo

Shape

Function 13
Method 8
Struct 6
Interface 1

Languages

Go100%

Modules by API surface

helper.go15 symbols
main_test.go8 symbols
main.go3 symbols
license.go1 symbols
init.go1 symbols

For agents

$ claude mcp add bypass-cors \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact

Ask about this repo answers extend the page