block by wereHamster 414aad4a41fca394a450

Proxy to remote server with CORS support

cors.py for mitmproxy

Hacking CORS restriction to enable in-browser XHR to any server.

Usage

Say you are running an web app at localhost, and you want to send XHR to http://remote-server:80, but the CORS restriction forbids access because you are sending requests from an origin that remote-server:80 does not allow.

Run:

mitmproxy -s cors.py -R http://remote-server:80 -b localhost -p 8080

Now localhost:8080 is tunnelled to remote-server:80.

And you can XHR to proxied server from localhost:

fetch("http://localhost:8080/api.json")
  .then(function(response) {
    // enjoy the response
  });

Bonus: You can inspect HTTP requests in mitmproxy.

cors.py