Wormhole
Circumvent CORS on client-side, like it's 2002
Circumvent CORS on client-side, like it's 2002
TL;DR - You'll be able to do cross-origin request using this library and "proxy" page on destination origin.
As you know, you can do asynchronous HTTP requests using Javascript. But majority of web-browser won't allow you to request site which have different "origin", i.e. having different scheme, hostname or port. This doesn't seems convenient, but it significantly reduces surface for CSRF-type attacks. However, you can allow browser to do request by setting HTTP headers related to CORS policies, like "Access-Control-Allow-Origin" and so on. But this is impossible if you don't control webserver that hosts your site or you cannot configure it.
So here is this tool, working this way: you upload wormhole library and page ("Wormhole server") which will act like proxy on target server. Then when you're doing request from page with different origin client part of library creating invisible iframe with this proxy page and communicates with it using postMessage/onmessage mechanism, proxy (having its origin) executes request and returns result via that channel.
Upload wormhole.js and wormhole server/proxy page to target server.
For example, if you want to do request to your site aaa.superhosting.com, you upload these files, so page is available like https://aaa.superhosting.com/wh.htm or https://aaa.superhosting.com/some/arbitrary/path/wormhole.htm
Just load library - wormhole.js
Example usage
var client = new WormholeClient('https://aaa.superhosting.com/wh.htm'); client.open(); // Will fetch file https://aaa.superhosting.com/some/file.txt client.send('fetch', { method: 'get', url: '/some/file.txt', done: successCallback, failed: failCallback }); // Will fetch file https://aaa.superhosting.com/some/file_too.txt client.send('fetch', { method: 'get', url: '/some/file_too.txt', done: successCallback, failed: failCallback }); client.close();