File dependencies fail to load properly when proxy server is added on top of existing express server

Rob--W / cors-anywhere

CORS Anywhere is a NodeJS reverse proxy which adds CORS headers to the proxied request.

MIT License

8.57k stars 5.99k forks source link

File dependencies fail to load properly when proxy server is added on top of existing express server #399

Closed matthewcn56 closed 2 years ago

matthewcn56 commented 2 years ago

I have built the cors-anywhere proxy on-top of an existing express server application, rerouting requests to it through the /proxy route on my website (viewing pages like MY_SITE/proxy/PROXIED_URL . However, when I use the cors-anywhere proxy to view other pages, it attempts to load in the proxied page's dependent resources (CSS, JS files, etc) as MY_SITE/REQUESTED_RESOURCE instead of MY_SITE/proxy/REQUESTED_RESOURCE , and the server responds with error 404 not found.

Rob--W commented 2 years ago

It looks like you're trying to use this as a generic proxy. That is not supported. This proxy adds CORS headers, to serve the goal of being able to load individual resources with fetch / XMLHttpRequest. Loading documents directly is an unsupported and explicitly discouraged scenario (especially because doing so is a security risk; it is effectively a XSS vulnerability).

If you are using fetch/XHR and get unexpected additional loads, then it may be due to #112.