A simple and lightweight CORS proxy built for Cloudflare Workers that allows you to make cross-origin requests to any URL.
- ✅ Handles all HTTP methods (GET, POST, PUT, DELETE, etc.)
- ✅ Supports CORS preflight requests
- ✅ Two URL formats for flexibility
- ✅ Simple usage page when accessed directly
- ✅ Error handling with proper status codes
- ✅ Lightweight and fast
- Node.js installed
- Cloudflare account
- Wrangler CLI installed globally:
npm install -g wrangler
# Install dependencies
npm install
# Login to Cloudflare (if not already done)
wrangler login
# Deploy to Cloudflare Workers
npm run deployOnce deployed, you can use the proxy as follows:
https://your-worker.your-subdomain.workers.dev/?url=https://api.example.com/data
// Using fetch with the proxy
fetch(
"https://your-worker.your-subdomain.workers.dev/?url=https://api.example.com/data"
)
.then((response) => response.json())
.then((data) => console.log(data))
.catch((error) => console.error("Error:", error));
// POST request example
fetch(
"https://your-worker.your-subdomain.workers.dev/?url=https://api.example.com/submit",
{
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({ key: "value" }),
}
)
.then((response) => response.json())
.then((data) => console.log(data));# Start local development server
npm run dev
# Deploy to production
npm run deploy- The worker receives a request with a target URL
- It extracts the target URL from either query parameter or path
- Creates a new request to the target URL
- Fetches the response from the target
- Returns the response with proper CORS headers added
Access-Control-Allow-Origin: *Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONSAccess-Control-Allow-Headers: *Access-Control-Max-Age: 86400
This proxy allows requests to ANY URL. In production, consider:
- Implementing URL whitelist/blacklist
- Adding rate limiting
- Authentication/API key requirements
- Logging for monitoring
MIT