I built a simple proxy using Meteor and its Iron Router. It currently fails at passing through other than 200 or 500 status codes, which i guess suffices. Is this proxy.js the best way to bypass CORS without modifying remote or Apache/Nginx server settings?
"use strict"
// call with "/proxy?url=" + encodeURIComponent(myUrl)
Router.route('/proxy', function(){
var url = this.params.query.url
console.log("proxy called with url:", url)
/* // whitelist url
if(!/^https:\/\/[a-z]+\.otherdomain\.com\/[a-zA-Z/.]+$/.test(url)){
var msg = "url not allowed: " + url
console.log(msg)
//throw new Meteor.Error(msg) // Too much scary stacktrace.
this.response.writeHead(403, {'Content-Type': 'text/html'});
this.response.end(msg)
}
*/
console.log("calling url:", url)
var r = Meteor.http.call("GET", url)
var keys = []; for(var k in r) keys.push(k)
console.log("result has:", keys)
console.log("result statusCode:", r.statusCode, typeof(r.statusCode))
console.log("result data:", r.data)
//this.response.writeHead(404, {'Content-Type': 'text/html'}) // broken?! https://github.com/iron-meteor/iron-router/issues/1055
this.response.writeHead(r.statusCode, r.headers)
var html = r.content
// fix relative URLs
if(html.indexOf('<base ') < 0) html = html.replace(/<head>/i, '<head><base href="'+url+'">')
this.response.end(html)
}, {where: 'server'})
