npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@warren-bank/corsproxy

v1.0.1

Published

Node.js server that is 'corsproxy.io' API compatible.

Downloads

247

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

warren-r-bankwarren-r-bank

Keywords

Readme

corsproxy

Node.js server that is corsproxy.io API compatible… can be used as a self-hosted drop-in replacement.

  • supports per-request header overrides via query parameters
  • supports restricting access to requests that include an API key

Installation and Usage: Globally

How to: Install:

npm install --global "@warren-bank/corsproxy"

How to: Run the server(s):

corsproxy <options>

options:
========
--help
--version
--port <number>
--acl-ip <ip_address_list>
--api-keys <key_list>
--req-insecure
--tls
--tls-cert <filepath>
--tls-key <filepath>
--tls-pass <filepath>

Options:

  • --port is the port number that the server listens on
    • ex: 8080
    • when this option is not specified:
      • HTTP proxy binds to: 80
      • HTTPS proxy binds to: 443
  • --acl-ip restricts proxy server access to clients at IP addresses in whitelist
    • ex: "192.168.1.100,192.168.1.101,192.168.1.102"
  • --api-keys restricts proxy server access to requests that include a key querystring parameter having a value in whitelist
    • ex: "1111,2222,3333,4444,5555"
  • --req-insecure is a flag to override the following environment variable to disable certificate validation for secure https requests:
  • --tls is a flag to start HTTPS proxy, rather than HTTP
    • used as shorthand to automatically configure the following options:
      • --tls-cert
      • --tls-key
      • --tls-pass
    • the values assigned to these options enable the use of a self-signed security certificate that is included in both the git repo and npm package, within the directory:
  • --tls-cert is the filepath to a security certificate to use for HTTPS
  • --tls-key is the filepath to the private key for the --tls-cert security certificate
  • --tls-pass is the filepath to a text file containing the security passphrase for the --tls-key private key
    • optional, not required when the --tls-key private key was created without a security passphrase

Examples:

  1. print help corsproxy --help

  2. print version corsproxy --version

  3. start HTTP proxy at default port corsproxy

  4. start HTTP proxy at specific port corsproxy --port "8080"

  5. start HTTPS proxy at default port corsproxy --tls

  6. start HTTPS proxy at specific port corsproxy --tls --port "8081"

Installation and Usage: Working with a Local git Repo

How to: Install:

git clone "https://github.com/warren-bank/node-CORS-Proxy.git"
cd "node-CORS-Proxy"
npm install

How to: Run the server(s):

# ----------------------------------------------------------------------
# If using a port number >= 1024 on Linux, or
# If using Windows:
# ----------------------------------------------------------------------
npm start [-- <options>]

# ----------------------------------------------------------------------
# https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html
#
# Linux considers port numbers < 1024 to be privileged.
# Use "sudo":
# ----------------------------------------------------------------------
npm run sudo [-- <options>]

Options:

Examples:

  1. print help npm start -- --help

  2. start HTTP proxy at specific port npm start -- --port "8080"

  3. start HTTPS proxy at specific port npm start -- --port "8081" --tls

  4. start HTTPS proxy at privileged port npm run sudo -- --port "443" --tls

Client Usage

Web Browser Configuration:

  • for HTTP proxy:
    • by default, secure webpages cannot make requests to a non-secure server (ie: the HTTP proxy)
    • the following are instructions for Chromium browsers to allow all pages to access the HTTP proxy (ex: http://localhost:8080)
      1. Insecure origins treated as secure
        • open: chrome://flags/#unsafely-treat-insecure-origin-as-secure
        • enter: http://localhost:8080
        • set: Enabled
      2. [Chromium 100+] Block insecure private network requests
        • open: chrome://flags/#block-insecure-private-network-requests
        • set: Disabled
      3. restart Chrome
  • for HTTPS proxy:
    • by default, the self-signed certificate used by the --tls option is untrusted
    • on Chromium browsers:
    • on Windows OS:
      • open the root certificate management tool
        • press: Win + R
        • enter: certmgr.msc
      • import the private certificate authority used to self-sign the server certificate
        • right-click on: Trusted Root Certificate Authorities > Certificates
        • click: All Tasks > Import..
        • click: Next
        • browse:
        • click: Next
        • click: Next
        • click: Finish
        • click: Yes
      • confirmation:
        • click on: Trusted Root Certificate Authorities > Certificates
        • find:
          • Issued To: CORS-proxy
          • Issued By: CORS-proxy
      • test:

Example for HTTP proxy:

  1. start local corsproxy server:

      # npm start -- --port "8080" --api-keys "my-password" --req-insecure
  corsproxy --port "8080" --api-keys "my-password" --req-insecure

  2. run in web browser JS console on any page:

      const api_url     = 'http://localhost:8080/'
  const api_key     = 'my-password'
  const req_url     = 'https://httpbin.org/anything'
  const req_headers = [{name: 'x-foo', value: 'req-foo'},{name: 'x-bar', value: 'req-bar'}]
  const res_headers = [{name: 'x-foo', value: 'res-foo'},{name: 'x-bar', value: 'res-bar'}]

  const qs_params = [`url=${encodeURIComponent(req_url)}`]
  if (api_key)
    qs_params.push(`key=${encodeURIComponent(api_key)}`)
  for(const {name: header_name, value: header_value} of req_headers) {
    qs_params.push(`reqHeaders=${encodeURIComponent(`${header_name}:${header_value || ''}`)}`)
  }
  for(const {name: header_name, value: header_value} of res_headers) {
    qs_params.push(`resHeaders=${encodeURIComponent(`${header_name}:${header_value || ''}`)}`)
  }

  let corsproxy_url = api_url || 'https://corsproxy.io/'
  corsproxy_url += '?' + qs_params.join('&')

  console.log(corsproxy_url)
  // http://localhost:8080/?url=https%3A%2F%2Fhttpbin.org%2Fanything&key=my-password&reqHeaders=x-foo%3Areq-foo&reqHeaders=x-bar%3Areq-bar&resHeaders=x-foo%3Ares-foo&resHeaders=x-bar%3Ares-bar

  fetch(corsproxy_url, {method: 'GET'})
    .then(res => res.json()).then(console.log)

  fetch(corsproxy_url, {method: 'POST', body: '{"hello": "world"}', headers: {'content-type': 'application/json'}})
    .then(res => res.json()).then(console.log)

Example for HTTPS proxy:

  1. start local corsproxy server:

      # npm start -- --port "8081" --tls --api-keys "my-password" --req-insecure
  corsproxy --port "8081" --tls --api-keys "my-password" --req-insecure

  2. run in web browser JS console on any page:

      const api_url     = 'https://localhost:8081/'
  const api_key     = 'my-password'
  const req_url     = 'https://httpbin.org/anything'
  const req_headers = [{name: 'x-foo', value: 'req-foo'},{name: 'x-bar', value: 'req-bar'}]
  const res_headers = [{name: 'x-foo', value: 'res-foo'},{name: 'x-bar', value: 'res-bar'}]

  const qs_params = [`url=${encodeURIComponent(req_url)}`]
  if (api_key)
    qs_params.push(`key=${encodeURIComponent(api_key)}`)
  for(const {name: header_name, value: header_value} of req_headers) {
    qs_params.push(`reqHeaders=${encodeURIComponent(`${header_name}:${header_value || ''}`)}`)
  }
  for(const {name: header_name, value: header_value} of res_headers) {
    qs_params.push(`resHeaders=${encodeURIComponent(`${header_name}:${header_value || ''}`)}`)
  }

  let corsproxy_url = api_url || 'https://corsproxy.io/'
  corsproxy_url += '?' + qs_params.join('&')

  console.log(corsproxy_url)
  // https://localhost:8081/?url=https%3A%2F%2Fhttpbin.org%2Fanything&key=my-password&reqHeaders=x-foo%3Areq-foo&reqHeaders=x-bar%3Areq-bar&resHeaders=x-foo%3Ares-foo&resHeaders=x-bar%3Ares-bar

  fetch(corsproxy_url, {method: 'GET'})
    .then(res => res.json()).then(console.log)

  fetch(corsproxy_url, {method: 'POST', body: '{"hello": "world"}', headers: {'content-type': 'application/json'}})
    .then(res => res.json()).then(console.log)

Legal: