Cannot navigate in proxied page

Rob--W / cors-anywhere

CORS Anywhere is a NodeJS reverse proxy which adds CORS headers to the proxied request.

MIT License

8.57k stars 5.99k forks source link

Cannot navigate in proxied page #413

Closed amaury1093 closed 2 years ago

amaury1093 commented 2 years ago

Awesome library.

I just forked the code and set up my own heroku instance, and I removed the Origin header check (that browsers don't send), so that I can test in-browser.

This works. https://sirchester-proxy.herokuapp.com/https://google.com. However, try to search for something, I get:

Invalid host: search

It's not only on google, but generally, when using this proxy, navigation is broken.

Rob--W commented 2 years ago

This is the wrong tool for your task. CORS Anywhere should only be used for fetching specific requests (possibly from other origins). It is not a generic web proxy. You shouldn't remove the Origin check, as that exists to stop direct browsing of remote content (which is a security issue, because you'd be allowing arbitrary remote content to run code on your origin).

This is a duplicate of: #61, #359, #399