Those are little gems, I let you disvover their full potentials...
Otiginal articals Kristoher Sandoval
Free CORS Proxy Servers
- CORS Anywhere
CORS Anywhere does what it says on the tin – it enables cross-origin requests to “anywhere.” The best thing CORS Anywhere has going for it is its simplicity – in essence, all you have to do is prefix the URL with the API URL for CORS Anywhere, and the proxy will handle the request on your behalf with appropriate CORS headers. You can also use something like npm to install cors-anywhere as a module and utilize its defined domain and port to do essentially the same thing on a local level.
- HTMLDriven
HTMLDriven is a solution designed for “performing standard AJAX requests to 3rd party services”. As such, it’s a straightforward tool and has limited feature sets outside of proxying for requests. While it can be installed using a composer, there is also a relatively lightweight and extremely simple web-based implementation on its main page that can be used for simple requests.
- Taskcluster
Taskcluster is a collection of services, one of which is its CORS Proxy. The proxy is a relatively simple service that enables taskcluser services to make CORS requests through a system allowing for URL, method, headers, data, and rejection (specifically, rejectUnauthorized) headers. While still usable, like many on this list, this project is currently not being iterated upon – in fact, the GitHub where development is carried out is currently archived. As such, while this is a great solution, it should be considered a stopgap rather than a long-term solution.
- thingproxy
thingproxy is a javascript proxy that solves the CORS problem, but it also serves a great function when it comes to HTTPS requests. Many browsers, in addition to CORS issues, have issues when handling requests for non-HTTPS resources from HTTPS requestors. thingproxy is designed to get around this and offers both the source code option and a free proxy at freeboard.io.
thingproxy is pretty explicitly for small API calls – as such, requests and responses are both limited to 100,000 characters each. Additionally, each IP is throttled to only ten requests per second. This makes this proxy a great testing platform rather than a long-term proxy for production use.
- Whatever Origin
Originally an open-source clone of AnyOrigin, Whatever Origin has since become the better of the two due to the simple fact that AnyOrigin is no longer operable. Whatever Origin is rather simple, and uses the same “proxy url” + “destination url” scheme as in other implementations. Notably, Whatever Origin claims better HTTPS support, and as such, may be a better solution for those utilizing HTTPS in their proxy-needing projects.
It should be noted that Whatever Origin, though still usable, is not currently maintained. For this reason, the project, while useful, should be considered within the frame of it being non-current.
- alloworigin
alloworigin is an interesting project. Initially a simple Django alternative to AnyOrigin and Whatever Origin, it is the only implementation between those two that is both currently usable and in active maintenance. The last commit for alloworigin was in 2019, and development seems somewhat active. It is basically the same as Whatever Origin in terms of use workflow, so if a current project is needed as an alternative to Whatever Origin, this is a great option – assuming these use of Django is compatible with your existing implementation.
- Go Between
Go Between offers two different solutions for CORS proxy handling. First, it provides a pretty standard solution for simply prepending a URL with the proxy URL (specifically, adding “https://gobetween.oklabs.org/” before each request). The more interesting secondary solution is the use of domain mapping, allowing any domain to be mapped to any URI as a base bath. This is best used for production resources that routinely hit CORS issues while not itself necessitating CORS headers to any high level. That middle ground is often underserved, and Go Between is a wonderful solution for that specific use case.
- allOrigins
allOrigins is an interesting javascript solution in that content is pulled via the API in JSON/P or raw, and then delivered to the client for further use or transformation. This is more directly a proxy useful in the development of services that rely on other resources and pages rather than specific APIs – for instance, pulling data from Wikipedia.org without using an API is a good use case for this sort of proxy.
That being said, this is a very niche solution and is only really useful in specific applications. A more generalist solution may be more appropriate depending on use case – if your use case is appropriate, however, allOrigins is a great implementation.
- Cloudflare
Cloudflare is arguably the most feature-rich solution on this list. Its CORS proxy solution is one aspect of a much more sophisticated offering. Cloudflare is a massive Content Delivery Network or CDN. As such, it offers security, reliability, and performance solutions well above and beyond what a CORS proxy is designed to do.
With that in mind, Cloudflare provides a pretty clean and straightforward method for CORS resolution. Cloudflare automatically detects cached assets through header investigation and passes the origin headers from the origin server to the browser in question. This is all done quite simply, and can be configured and edited using the internal API.
- YaCDN
YaCDN isn’t really a proxy server by design and instead exists as a CDN (much like CloudFlare). That being said, it does have an explicit CORS proxy endpoint that simply prepends the YaCDN URL to the resource destination. Of note is that YaCDN is still being actively maintained and updated.
Conclusion
One of the great things about open development is that if you need something, there’s very likely a comprehensive solution somewhere. All of the choices on this list are great ones depending upon some specific use cases, requirements, and implementation restrictions – as such, any option here can be the right one for the right situation.
What do you think about this list? Did we miss any major CORS proxies? Let us know in the comments below!
Top comments (0)