Skip to content

emeraldwalk/git-cors-proxy-fork

BranchesTags
 
 

Repository files navigation

git-cors-proxy

A fork of @isomorphic-git/cors-proxy that adds support for an allowlist of multiple origins (including wildcard subdomains), and a ready-to-go Vercel deployment.

It proxies git clone / fetch / push / getRemoteInfo requests made from the browser (e.g. via isomorphic-git) so they aren't blocked by CORS.

Deploy to Vercel

Deploy with Vercel

  1. Click the button above (or import the emeraldwalk/git-cors-proxy repo into Vercel manually).
  2. Set the ALLOW_ORIGINS environment variable (see below).
  3. Deploy. The resulting URL (e.g. https://git-cors-proxy.vercel.app) is the proxyUrl to configure in any app that uses this proxy.

No changes to this repo are needed to support a new app under an already-allowed wildcard domain — just point the app's proxyUrl setting at the deployed proxy. For an app on a different domain, add its origin to ALLOW_ORIGINS in the Vercel project settings and redeploy.

ALLOW_ORIGINS

Comma-separated list of origins allowed to use the proxy. Each entry is either:

  • An exact origin, e.g. https://notes.emeraldwalk.com
  • A wildcard subdomain pattern, e.g. *.emeraldwalk.com, which matches any https://<subdomain>.emeraldwalk.com origin
# Single domain
ALLOW_ORIGINS=https://notes.emeraldwalk.com

# Wildcard subdomain
ALLOW_ORIGINS=*.emeraldwalk.com

# Mixed
ALLOW_ORIGINS=*.emeraldwalk.com,https://some-other-app.vercel.app

If ALLOW_ORIGINS is not set, all requests are rejected (fail closed). Requests with a disallowed origin, or with no Origin header at all, receive a 403.

CLI usage

Start proxy on default port 9999:

cors-proxy run

Start proxy on a custom port:

cors-proxy run -p 9889

Start proxy in daemon mode:

cors-proxy start

Kill the daemon process:

cors-proxy stop

CLI configuration

Environment variables:

  • PORT the port to listen to (if run with npm start)
  • ALLOW_ORIGINS comma-separated list of allowed origins (see above)
  • INSECURE_HTTP_ORIGINS comma separated list of origins for which HTTP should be used instead of HTTPS (added to make developing against locally running git servers easier)

Middleware usage

You can also use git-cors-proxy as middleware in your own server.

import express from 'express';
import corsProxy from 'git-cors-proxy';

const app = express();

app.use(corsProxy);

The middleware uses the ALLOW_ORIGINS and INSECURE_HTTP_ORIGINS environment variables, same as the CLI.

Running tests

npm test

License

This work is released under The MIT License

About

Proxy clone and push requests for the browser

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • JavaScript 85.1%
  • HTML 12.8%
  • Dockerfile 2.1%