[ { "path": ".archives/console/.gitignore", "content": "# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.\n\n# dependencies\n/node_modules\n/.pnp\n.pnp.js\n\n# testing\n/coverage\n\n# next.js\n/.next/\n/out/\n\n# production\n/build\n\n# misc\n.DS_Store\n*.pem\n\n# debug\nnpm-debug.log*\nyarn-debug.log*\nyarn-error.log*\n\n# local env files\n.env.local\n.env.development.local\n.env.test.local\n.env.production.local\n\n# vercel\n.vercel\n" }, { "path": ".archives/console/README.md", "content": "# [cors.sh/console](https://cors.sh/console) (`8824`)\n\n## Getting Started\n\nFirst, run the development server:\n\n```bash\nnpm run dev\n# or\nyarn dev\n```\n\nOpen [http://localhost:8824](http://localhost:8824) with your browser to see the result.\n\n## Scheduled Migration\n\nThe cors.sh/console is scheduled to be migrated to grida console (console.grida.co).\n" }, { "path": ".archives/console/babel.config.js", "content": "module.exports = {\n presets: [\"next/babel\", \"linaria/babel\"],\n plugins: [],\n};\n" }, { "path": ".archives/console/logo/index.tsx", "content": "import React from \"react\";\n\nexport function Logo({\n color = \"black\",\n width = 104,\n}: {\n width?: React.CSSProperties[\"width\"];\n color?: React.CSSProperties[\"color\"];\n}) {\n return (\n \n \n \n );\n}\n" }, { "path": ".archives/console/next-env.d.ts", "content": "/// \n/// \n\n// NOTE: This file should not be edited\n// see https://nextjs.org/docs/basic-features/typescript for more information.\n" }, { "path": ".archives/console/next.config.js", "content": "const withLinaria = require(\"next-linaria\");\nconst withTM = require(\"next-transpile-modules\")([\n \"@app/ui\",\n \"@cors.sh/service-api\",\n \"@editor-ui/console\",\n]);\n\n/**\n * @type {import('next').NextConfig}\n */\nconst nextconfig = {\n basePath: \"/console\",\n};\n\nmodule.exports = withTM(withLinaria(nextconfig));\n" }, { "path": ".archives/console/package.json", "content": "{\n \"name\": \"console.cors.sh\",\n \"version\": \"0.1.0\",\n \"private\": true,\n \"scripts\": {\n \"dev\": \"next dev -p 8824\",\n \"build\": \"next build\",\n \"start\": \"next start -p 8824\"\n },\n \"dependencies\": {\n \"@cors.sh/service-api\": \"0.0.0\",\n \"@editor-ui/console\": \"0.0.0\",\n \"@radix-ui/react-icons\": \"^1.1.1\",\n \"copy-to-clipboard\": \"^3.3.3\",\n \"framer-motion\": \"^8.1.3\",\n \"linaria\": \"^4.1.2\",\n \"next\": \"12.2.5\",\n \"next-linaria\": \"^0.11.0\",\n \"react\": \"18.2.0\",\n \"react-dom\": \"18.2.0\",\n \"react-hot-toast\": \"^2.4.0\"\n },\n \"devDependencies\": {\n \"@types/node\": \"^18.7.15\",\n \"@types/react\": \"18.0.18\",\n \"next-transpile-modules\": \"^9.0.0\",\n \"typescript\": \"4.8.2\"\n }\n}" }, { "path": ".archives/console/pages/[id].tsx", "content": "import React, { useEffect } from \"react\";\nimport styled from \"@emotion/styled\";\nimport { Pencil1Icon } from \"@radix-ui/react-icons\";\nimport client, { ApplicationWithApiKey } from \"@cors.sh/service-api\";\nimport { FormPageLayout, PageCloseButton } from \"@app/ui/layouts\";\nimport { Button, TextFormField } from \"@editor-ui/console\";\nimport { Logo } from \"logo\";\nimport { UnderlineButton } from \"@app/ui/components\";\nimport { ApiKeyReveal } from \"@app/ui/components\";\n\nexport default function ApplicationDetailPage({\n application,\n}: {\n application: ApplicationWithApiKey;\n}) {\n return (\n \n \n \n
\n \n
\n \n\n \n \n\n \n Archive application\n
\n \n );\n}\n\nfunction EditableTitle({ initialValue = \"\" }: { initialValue?: string }) {\n const [editing, setEditing] = React.useState(false);\n const [text, setText] = React.useState(initialValue);\n const ref = React.useRef(null);\n\n useEffect(() => {\n if (editing) {\n // select all\n ref.current?.focus();\n ref.current?.setSelectionRange(0, text.length);\n }\n }, [editing]);\n\n return (\n \n setEditing(true)}\n onBlur={() => setEditing(false)}\n ref={ref}\n readOnly={!editing}\n contentEditable\n onChange={(e) => {\n setText(e.target.value);\n }}\n onKeyDown={(e) => {\n if (e.key === \"Enter\") {\n setEditing(false);\n }\n }}\n value={text}\n />\n setEditing(true)}\n >\n \n \n \n );\n}\n\nconst TitleInputWrapper = styled.div`\n position: relative;\n display: flex;\n align-items: center;\n justify-content: space-between;\n gap: 8px;\n\n input {\n width: 100%;\n box-sizing: border-box;\n font-size: 24px;\n font-weight: bold;\n border: none;\n text-align: center;\n outline: none;\n }\n\n .edit-button {\n position: absolute;\n right: 0;\n top: 0;\n bottom: 0;\n margin: auto;\n opacity: 0;\n cursor: pointer;\n border: none;\n background: none;\n outline: none;\n transition: opacity 0.2s ease;\n }\n\n &:hover {\n .edit-button {\n opacity: 1;\n }\n }\n`;\n\nexport async function getServerSideProps(context: any) {\n const { id } = context.query;\n // const application = await client.getApplication(id);\n // return {\n // props: {\n // application,\n // },\n // };\n\n return {\n props: {\n application: {\n id,\n name: \"my-portfolio-website\",\n apikey_live: \"prod_1223-xasx-xxe2\",\n apikey_test: \"test_xxasdj-xxd9-x2hx\",\n },\n },\n };\n}\n" }, { "path": ".archives/console/pages/_app.tsx", "content": "import React from \"react\";\nimport { Toaster } from \"react-hot-toast\";\nimport \"../styles/globals.css\";\nimport type { AppProps } from \"next/app\";\n\nfunction App({ Component, pageProps }: AppProps) {\n return (\n <>\n \n \n \n );\n}\nexport default App;\n" }, { "path": ".archives/console/pages/index.tsx", "content": "import React from \"react\";\nimport styled from \"@emotion/styled\";\nimport Link from \"next/link\";\nimport { Logo } from \"logo\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nimport Head from \"next/head\";\nimport { ArrowRightIcon } from \"@radix-ui/react-icons\";\nimport { UnderlineButton } from \"@app/ui/components\";\n\nexport default function ConsoleIndex({\n applications,\n}: {\n applications: any[];\n}) {\n return (\n <>\n \n CORS.SH - Console\n \n \n \n
\n \n {applications.map((application) => (\n \n ))}\n \n
\n \n \n Create new application\n \n \n Manage subscription\n \n
\n \n \n );\n}\n\nconst ApplicationList = styled.div`\n display: flex;\n flex-direction: column;\n align-items: stretch;\n width: 100%;\n gap: 8px;\n`;\n\nfunction ApplicationItem({\n id,\n name,\n allowedOrigins,\n}: {\n id: string;\n name: string;\n allowedOrigins: string[];\n}) {\n return (\n \n \n \n {name} ({id})\n \n \n \n \n );\n}\n\nconst ItemWrap = styled.div`\n flex: 1;\n display: flex;\n cursor: pointer;\n justify-content: space-between;\n flex-direction: row;\n align-items: center;\n flex: none;\n border-radius: 4px;\n border: solid 1px rgba(0, 0, 0, 0.1);\n box-sizing: border-box;\n padding: 21px;\n\n &:hover {\n border: solid 1px rgba(0, 0, 0, 0.1);\n background-color: rgba(0, 0, 0, 0.02);\n box-shadow: 0 0 0 1px rgba(0, 0, 0, 0.1);\n }\n\n transition: all 0.2s ease-in-out;\n`;\n\nexport async function getServerSideProps(context: any) {\n // fetch all my applications\n return {\n props: {\n applications: [\n {\n id: \"1\",\n name: \"My app\",\n },\n {\n id: \"2\",\n name: \"My app 2\",\n },\n ],\n },\n };\n}\n" }, { "path": ".archives/console/pages/new.tsx", "content": "import React, { useEffect } from \"react\";\nimport { Button, TextFormField } from \"@editor-ui/console\";\nimport client from \"@cors.sh/service-api\";\nimport { useRouter } from \"next/router\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nexport default function NewApplicationPage() {\n const router = useRouter();\n const [name, setName] = React.useState(\"\");\n const [allowedOrigins, setAllowedOrigins] = React.useState(\"\");\n const [isBusy, setIsBusy] = React.useState(false);\n const [isValid, setIsValid] = React.useState(false);\n\n const validateUrls = (urls: string) => {\n const lines = urls.split(\",\").map((line) => line.trim());\n for (const line of lines) {\n try {\n new URL(line);\n } catch (e) {\n return false;\n }\n }\n return true;\n };\n\n const onCreateNewClick = () => {\n setIsBusy(true);\n client\n .createApplication({\n name: name,\n allowedOrigins: allowedOrigins\n .split(\",\")\n .map((origin) => origin.trim()),\n })\n .then((r) => {\n router.push({\n pathname: \"[id]\",\n query: { id: r.id },\n });\n })\n .finally(() => {\n setIsBusy(false);\n });\n };\n\n useEffect(() => {\n setIsValid(name.length > 0 && validateUrls(allowedOrigins));\n }, [name, allowedOrigins]);\n\n return (\n \n

Create new application

\n
\n \n \n
\n \n Create Project\n \n
\n \n );\n}\n" }, { "path": ".archives/console/styles/Home.module.css", "content": ".container {\n min-height: 100vh;\n padding: 0 0.5rem;\n display: flex;\n flex-direction: column;\n justify-content: center;\n align-items: center;\n height: 100vh;\n}\n\n.main {\n padding: 5rem 0;\n flex: 1;\n display: flex;\n flex-direction: column;\n justify-content: center;\n align-items: center;\n}\n\n.footer {\n width: 100%;\n height: 100px;\n border-top: 1px solid #eaeaea;\n display: flex;\n justify-content: center;\n align-items: center;\n}\n\n.footer a {\n display: flex;\n justify-content: center;\n align-items: center;\n flex-grow: 1;\n}\n\n.title a {\n color: #0070f3;\n text-decoration: none;\n}\n\n.title a:hover,\n.title a:focus,\n.title a:active {\n text-decoration: underline;\n}\n\n.title {\n margin: 0;\n line-height: 1.15;\n font-size: 4rem;\n}\n\n.title,\n.description {\n text-align: center;\n}\n\n.description {\n line-height: 1.5;\n font-size: 1.5rem;\n}\n\n.code {\n background: #fafafa;\n border-radius: 5px;\n padding: 0.75rem;\n font-size: 1.1rem;\n font-family: Menlo, Monaco, Lucida Console, Liberation Mono, DejaVu Sans Mono,\n Bitstream Vera Sans Mono, Courier New, monospace;\n}\n\n.grid {\n display: flex;\n align-items: center;\n justify-content: center;\n flex-wrap: wrap;\n max-width: 800px;\n margin-top: 3rem;\n}\n\n.card {\n margin: 1rem;\n padding: 1.5rem;\n text-align: left;\n color: inherit;\n text-decoration: none;\n border: 1px solid #eaeaea;\n border-radius: 10px;\n transition: color 0.15s ease, border-color 0.15s ease;\n width: 45%;\n}\n\n.card:hover,\n.card:focus,\n.card:active {\n color: #0070f3;\n border-color: #0070f3;\n}\n\n.card h2 {\n margin: 0 0 1rem 0;\n font-size: 1.5rem;\n}\n\n.card p {\n margin: 0;\n font-size: 1.25rem;\n line-height: 1.5;\n}\n\n.logo {\n height: 1em;\n margin-left: 0.5rem;\n}\n\n@media (max-width: 600px) {\n .grid {\n width: 100%;\n flex-direction: column;\n }\n}\n" }, { "path": ".archives/console/styles/globals.css", "content": "html,\nbody {\n padding: 0;\n margin: 0;\n font-family: -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Oxygen,\n Ubuntu, Cantarell, Fira Sans, Droid Sans, Helvetica Neue, sans-serif;\n}\n\na {\n color: inherit;\n text-decoration: none;\n}\n\n* {\n box-sizing: border-box;\n}\n" }, { "path": ".archives/console/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"target\": \"es5\",\n \"lib\": [\"dom\", \"dom.iterable\", \"esnext\"],\n \"allowJs\": true,\n \"skipLibCheck\": true,\n \"strict\": false,\n \"noImplicitAny\": false,\n \"forceConsistentCasingInFileNames\": true,\n \"noEmit\": true,\n \"esModuleInterop\": true,\n \"module\": \"esnext\",\n \"moduleResolution\": \"node\",\n \"resolveJsonModule\": true,\n \"isolatedModules\": true,\n \"jsx\": \"preserve\",\n \"incremental\": true,\n \"baseUrl\": \".\"\n },\n \"include\": [\"next-env.d.ts\", \"**/*.ts\", \"**/*.tsx\"],\n \"exclude\": [\"node_modules\"]\n}\n" }, { "path": ".archives/homepage/.gitignore", "content": "# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.\n\n# dependencies\n/node_modules\n/.pnp\n.pnp.js\n\n# testing\n/coverage\n\n# next.js\n/.next/\n/out/\n\n# production\n/build\n\n# misc\n.DS_Store\n*.pem\n\n# debug\nnpm-debug.log*\nyarn-debug.log*\nyarn-error.log*\n\n# local env files\n.env.local\n.env.development.local\n.env.test.local\n.env.production.local\n\n# vercel\n.vercel\n\n# grida\n.env\n.grida" }, { "path": ".archives/homepage/README.md", "content": "This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/vercel/next.js/tree/canary/packages/create-next-app).\n\n## Getting Started\n\nFirst, run the development server:\n\n```bash\nnpm run dev\n# or\nyarn dev\n```\n\nOpen [http://localhost:3000](http://localhost:3000) with your browser to see the result.\n\nYou can start editing the page by modifying `pages/index.js`. The page auto-updates as you edit the file.\n\n[API routes](https://nextjs.org/docs/api-routes/introduction) can be accessed on [http://localhost:3000/api/hello](http://localhost:3000/api/hello). This endpoint can be edited in `pages/api/hello.js`.\n\nThe `pages/api` directory is mapped to `/api/*`. Files in this directory are treated as [API routes](https://nextjs.org/docs/api-routes/introduction) instead of React pages.\n\n## Learn More\n\nTo learn more about Next.js, take a look at the following resources:\n\n- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.\n- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.\n\nYou can check out [the Next.js GitHub repository](https://github.com/vercel/next.js/) - your feedback and contributions are welcome!\n\n## Deploy on Vercel\n\nThe easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.\n\nCheck out our [Next.js deployment documentation](https://nextjs.org/docs/deployment) for more details.\n" }, { "path": ".archives/homepage/babel.config.js", "content": "module.exports = {\n presets: [\"next/babel\", \"linaria/babel\"],\n plugins: [],\n};\n" }, { "path": ".archives/homepage/components/appbar/appbar-parent-site.tsx", "content": "import React from \"react\";\nimport styled from \"@emotion/styled\";\nimport Image from \"next/image\";\n/**\n * `` ('appbar-parent-site')\n * - [Open in Figma](https://figma.com/file/aPfdtNb1aGFIN9p05cmmVY?node-id=19:1937)\n * - [Open in Grida](https://code.grida.co/files/aPfdtNb1aGFIN9p05cmmVY?node=19:1937)\n *\n *\n * ---\n * @example\n * ```tsx\n * import React from \"react\";\n *\n * export default function () {\n * return (\n * <>\n * ๐Ÿ‘‡ instanciate widget like below. ๐Ÿ‘‡\n * \n * \n * )\n * }\n * ```\n * ---\n * @params {any} props - this widget does not requires props. you can pass custom dynamic props to the widget as you want (on typescript, it will raise type check issues).\n * ---\n * @preview\n * ![](https://figma-alpha-api.s3.us-west-2.amazonaws.com/images/1f5abd8c-95d5-4bd8-a931-e935de073cf7)\n * ---\n * @remarks\n * @see {@link https://grida.co/docs} for more information.\n * ---\n * Code generated by grida.co | engine 0.0.1 (Apache-2.0) | Generated code under CC0 (public domain) *This code is free to use, modify, and redistribute. (aknowledgment is not required)*\n *\n *\n * ![Made with Grida](https://bridged-service-static.s3.us-west-1.amazonaws.com/branding/logo/32.png)\n * \n * \n */\nexport function AppbarParentSite() {\n return (\n \n \n \n \n \n Grida\n \n \n );\n}\n\nconst RootWrapperAppbarParentSite = styled.a`\n cursor: pointer;\n background-color: black;\n position: relative;\n height: 50px;\n`;\n\nconst Home = styled.div`\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: center;\n gap: 8px;\n box-sizing: border-box;\n position: absolute;\n left: calc((calc((50% + -484px)) - 37px));\n top: 12px;\n width: 73px;\n height: 26px;\n`;\n\nconst Logo64 = styled.div`\n width: 25px;\n height: 26px;\n overflow: hidden;\n position: relative;\n`;\n\nconst LogoShapeOnly = styled.div`\n width: 25px;\n height: 25px;\n position: absolute;\n left: 0px;\n top: 0px;\n`;\n\nconst Union = styled.img`\n width: 25px;\n height: 25px;\n object-fit: cover;\n position: absolute;\n left: 0px;\n top: 0px;\n`;\n\nconst Grida = styled.span`\n color: white;\n text-overflow: ellipsis;\n font-size: 16px;\n font-family: Helvetica, sans-serif;\n font-weight: 700;\n letter-spacing: -1px;\n text-align: left;\n`;\n" }, { "path": ".archives/homepage/components/appbar/appbar.tsx", "content": "import React from \"react\";\nimport styled from \"@emotion/styled\";\nimport Image from \"next/image\";\nimport Link from \"next/link\";\nimport { useRouter } from \"next/router\";\n/**\n * `` ('appbar')\n * - [Open in Figma](https://figma.com/file/aPfdtNb1aGFIN9p05cmmVY?node-id=18:1889)\n * - [Open in Grida](https://code.grida.co/files/aPfdtNb1aGFIN9p05cmmVY?node=18:1889)\n *\n *\n * ---\n * @example\n * ```tsx\n * import React from \"react\";\n *\n * export default function () {\n * return (\n * <>\n * ๐Ÿ‘‡ instanciate widget like below. ๐Ÿ‘‡\n * \n * \n * )\n * }\n * ```\n * ---\n * @params {any} props - this widget does not requires props. you can pass custom dynamic props to the widget as you want (on typescript, it will raise type check issues).\n * ---\n * @preview\n * ![](https://figma-alpha-api.s3.us-west-2.amazonaws.com/images/d8000780-f44d-4ccf-b5da-f132856fc5aa)\n * ---\n * @remarks\n * @see {@link https://grida.co/docs} for more information.\n * ---\n * Code generated by grida.co | engine 0.0.1 (Apache-2.0) | Generated code under CC0 (public domain) *This code is free to use, modify, and redistribute. (aknowledgment is not required)*\n *\n *\n * ![Made with Grida](https://bridged-service-static.s3.us-west-1.amazonaws.com/branding/logo/32.png)\n * \n * \n */\nexport function Appbar() {\n const router = useRouter();\n const onGetStartedClick = () => {\n router.push(\"/get-started\");\n };\n\n return (\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n Get started\n \n \n \n \n );\n}\n\nconst MenuItem = ({ label, href }: { label: string; href: string }) => {\n return (\n \n \n {/* */}\n \n {label}\n \n {/* */}\n \n \n );\n};\n\nconst RootWrapperAppbar = styled.header`\n background-color: white;\n position: relative;\n z-index: 9;\n height: 80px;\n`;\n\nconst ContentFrame = styled.div`\n width: 1040px;\n overflow: hidden;\n position: absolute;\n left: calc((calc((50% + 0px)) - 520px));\n top: 0px;\n bottom: 0px;\n`;\n\nconst Leading = styled.div`\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: center;\n gap: 120px;\n box-sizing: border-box;\n position: absolute;\n left: 0px;\n top: calc((calc((50% + 0px)) - 30px));\n width: 732px;\n height: 60px;\n`;\n\nconst Home = styled.div`\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: center;\n flex: none;\n gap: 8px;\n box-sizing: border-box;\n`;\n\nconst Menus = styled.nav`\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: center;\n flex: none;\n gap: 36px;\n height: 60px;\n box-sizing: border-box;\n`;\n\nconst MenuContainer = styled(Link)`\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: flex-start;\n flex: none;\n box-sizing: border-box;\n`;\n\nconst BaseHeaderPrimaryMenu = styled.div`\n display: flex;\n justify-content: flex-start;\n flex-direction: column;\n align-items: flex-start;\n flex: none;\n gap: 16px;\n box-sizing: border-box;\n`;\n\nconst MenuMargin = styled.div`\n height: 2px;\n background-color: white;\n align-self: stretch;\n flex-shrink: 0;\n opacity: 0;\n`;\n\nconst MenuTextContainer = styled.div`\n display: flex;\n justify-content: center;\n flex-direction: row;\n align-items: center;\n flex: none;\n box-sizing: border-box;\n cursor: pointer;\n`;\n\nconst MenuText = styled.span`\n color: rgb(139, 139, 139);\n text-overflow: ellipsis;\n font-size: 16px;\n font-family: \"Helvetica Neue\", sans-serif;\n font-weight: 500;\n text-align: left;\n`;\n\nconst HeaderCtaSignupPlain = styled.div`\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: center;\n position: absolute;\n top: calc((calc((50% + 0px)) - 16px));\n right: 0px;\n min-width: 80px;\n height: 32px;\n`;\n\nconst HeaderCtaSignupPlain_0001 = styled.div`\n display: flex;\n justify-content: center;\n flex-direction: row;\n align-items: center;\n gap: 10px;\n border-radius: 35px;\n box-sizing: border-box;\n`;\n\nconst GetStarted = styled.span`\n cursor: pointer;\n color: black;\n text-overflow: ellipsis;\n font-size: 16px;\n font-family: Roboto, sans-serif;\n font-weight: 500;\n text-align: right;\n`;\n" }, { "path": ".archives/homepage/components/appbar/index.ts", "content": "export * from \"./appbar\";\nexport * from \"./appbar-parent-site\";\n" }, { "path": ".archives/homepage/components/button/index.tsx", "content": "import React, { forwardRef } from \"react\";\nimport styled from \"@emotion/styled\";\n\ntype Props = React.PropsWithRef<\n {\n onClick?: () => void;\n } & React.PropsWithChildren\n>;\n\nfunction _Button({\n children,\n // @ts-ignore\n ref,\n onClick,\n}: Props) {\n return (\n \n {children}\n \n );\n}\n\nexport const Button = forwardRef(_Button);\n\nconst ButtonBase = styled.button`\n background-color: black;\n border-radius: 2px;\n padding: 10px;\n color: white;\n font-size: 14px;\n font-family: Inter, sans-serif;\n font-weight: 400;\n border: none;\n outline: none;\n cursor: pointer;\n\n :hover {\n opacity: 0.8;\n }\n\n :disabled {\n opacity: 0.5;\n }\n\n :active {\n opacity: 1;\n }\n\n :focus {\n }\n`;\n" }, { "path": ".archives/homepage/components/chatwood/index.jsx", "content": "import React from \"react\";\n\nclass ChatwootWidget extends React.Component {\n componentDidMount() {\n // Add Chatwoot Settings\n window.chatwootSettings = {\n hideMessageBubble: false,\n position: \"right\", // This can be left or right\n locale: \"en\", // Language to be set\n type: \"standard\", // [standard, expanded_bubble]\n };\n\n // Paste the script from inbox settings except the \n \n \n \n \n \n \n \n \n\n \n \n \n );\n}\n\nfunction SeoMeta() {\n return (\n <>\n \n \n \n \n );\n}\n" }, { "path": ".archives/homepage/pages/_document.tsx", "content": "import { Head, Html, Main, NextScript } from \"next/document\";\n\nexport default function _Document() {\n return (\n \n \n \n {/* roboto mono */}\n \n {/* inter */}\n \n {/* Nanum Pen Script */}\n \n \n\n \n
\n \n \n \n );\n}\n" }, { "path": ".archives/homepage/pages/disclaimer.tsx", "content": "import React from \"react\";\n\nexport default function DisclaimerPage() {\n return <>Disclaimer;\n}\n" }, { "path": ".archives/homepage/pages/get-started/index.tsx", "content": "import React, { useCallback, useRef, useEffect } from \"react\";\nimport { useRouter } from \"next/router\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nimport { validateUrls } from \"@app/ui/utils\";\nimport {\n Button,\n FormFieldBase,\n FormFieldLabel,\n TextFormField,\n} from \"@editor-ui/console\";\nimport Select from \"react-select\";\nimport client from \"@cors.sh/service-api\";\nimport * as k from \"../../k\";\nimport { toast } from \"react-hot-toast\";\n\nexport default function GetstartedPage({ price: _price }: { price: string }) {\n const [name, setName] = React.useState(\"\");\n const [price, setPrice] = React.useState(_price);\n const [allowedOrigins, setAllowedOrigins] = React.useState(\"\");\n const [valid, setValid] = React.useState(false);\n const [isBusy, setIsBusy] = React.useState(false);\n const [isValid, setIsValid] = React.useState(false);\n const stateRef = useRef(_price);\n\n stateRef.current = price;\n\n const router = useRouter();\n\n const pricing_options = Object.values(pricing);\n\n const onPriceChange = (price: string) => {\n setPrice(price);\n };\n\n const onTypeKey = (key: string) => {\n // todo: validate key via api\n setValid(key.length > 10);\n };\n\n const onEnter = () => {\n // this is required because onEnter can also be invoked from input's callback\n if (valid) {\n onNextClick();\n }\n };\n\n useEffect(() => {\n setIsValid(name.length > 0 && validateUrls(allowedOrigins));\n }, [name, allowedOrigins]);\n\n const onNextClick = useCallback(async () => {\n setIsBusy(true);\n\n try {\n // log begin_checkout event\n const pricedata = pricing[price];\n\n // @ts-ignore\n window.gtag(\"event\", \"begin_checkout\", {\n value: pricedata.value,\n currency: pricedata.currency,\n items: [\n {\n item_id: pricedata.id,\n item_name: pricedata.label,\n },\n ],\n });\n } catch (e) {}\n\n try {\n // create onboarding application\n const form = {\n name: name ? name : undefined,\n allowedOrigins: allowedOrigins\n .split(\",\")\n .map((x) => x.trim())\n .filter(Boolean),\n priceId: price,\n };\n\n const application = await client.onboardingWithForm(form);\n\n const onboarding_id = application.id;\n\n // redirect user to payment page\n let redirect;\n switch (stateRef.current) {\n case k.PRICE_PAY_AS_YOU_GO: {\n // TODO: add stripe integration.\n redirect = \"https://forms.gle/GXDGPAoM9fhZrQh77\";\n break;\n }\n case k.PRICE_FREE_MONTHLY: {\n // the free plan does not require payments, so we can skip to create new project right away.\n redirect =\n window.location.protocol + window.location.host + \"/console/new\";\n break;\n }\n default: {\n let params = new URLSearchParams();\n params.append(\"onboarding_id\", onboarding_id);\n // TODO: multiple search params not supported by accounts.grida.co?redirect_uri=x\n\n redirect = k.SERVER_URL + \"/payments/checkout/new\" + \"?\" + params;\n\n break;\n }\n }\n\n router.replace(redirect);\n } catch (e) {\n toast.error(\"Oops. something went wrong. please try again.\");\n setIsBusy(false);\n }\n }, [name, allowedOrigins, price]);\n\n return (\n \n \n

Get started

\n

\n Ready to use cors.sh? select your plan and letโ€™s create your first\n project.
\n

\n

you can update the fields later

\n
\n
\n \n \n {/* pricing plan select */}\n\n \n Plan\n
\n {\n if (e.key === \"Enter\") {\n onEnter();\n }\n }}\n //\n onChange={(e) => {\n e && onPriceChange(e.id);\n }}\n value={pricing[price]}\n options={pricing_options}\n />\n
\n \n
\n \n Continue\n \n
\n \n\n // \n // \n // \n );\n}\n\nconst pricing = {\n [k.PRICE_PERSONAL_PRO_MONTHLY]: {\n id: k.PRICE_PERSONAL_PRO_MONTHLY,\n label: \"Pro - $4/Mo\",\n value: 4,\n currency: \"USD\",\n },\n [k.PRICE_PERSONAL_PRO_YEARLY]: {\n id: k.PRICE_PERSONAL_PRO_YEARLY,\n label: \"Pro - $3/Mo (Pay annualy, save $12)\",\n value: 36,\n currency: \"USD\",\n },\n [k.PRICE_ENTERPRISE_PRO_YEARLY]: {\n id: k.PRICE_ENTERPRISE_PRO_YEARLY,\n label: \"Enterprise - $499/Yr\",\n value: 499,\n currency: \"USD\",\n },\n // [k.PRICE_FREE_MONTHLY]: {\n // id: k.PRICE_FREE_MONTHLY,\n // label: \"Free\",\n // },\n // [k.PRICE_PAY_AS_YOU_GO]: {},\n} as const;\n\nexport async function getServerSideProps(context: any) {\n const { price } = context.query;\n\n const validate_price_id = (price_id: string | undefined): boolean => {\n return price_id?.startsWith(\"price_\") || false;\n };\n\n const _price = validate_price_id(price)\n ? price\n : k.PRICE_PERSONAL_PRO_MONTHLY;\n\n return {\n props: {\n price: _price,\n },\n };\n}\n" }, { "path": ".archives/homepage/pages/index.tsx", "content": "import React from \"react\";\nimport { AppbarGroup } from \"../grida/AppbarGroup\";\nimport { SectionDisclaimer } from \"../grida/SectionDisclaimer\";\nimport { SectionHero } from \"../grida/SectionHero\";\nimport { SectionPricing } from \"../grida/SectionPricing\";\nimport { SectionUsage } from \"../grida/SectionUsage\";\nimport ChatwootWidget from \"../components/chatwood\";\nimport { FooterCtaSection } from \"../components/cta-footer\";\nimport Head from \"next/head\";\n\nexport default function HomePage() {\n return (\n <>\n \n CORS.SH - A Fast & Reliable CORS Proxy for your websites\n \n \n \n \n \n {/* */}\n
\n \n \n \n
\n
\n \n \n \n \n
\n \n \n );\n}\n\nfunction ClientOnly({ children, ...delegated }: React.PropsWithChildren) {\n const [hasMounted, setHasMounted] = React.useState(false);\n React.useEffect(() => {\n setHasMounted(true);\n }, []);\n\n if (!hasMounted) {\n return null;\n }\n\n return
{children}
;\n}\n" }, { "path": ".archives/homepage/pages/oauth/callback.tsx", "content": "import React from \"react\";\nimport Axios from \"axios\";\n\nconst client = Axios.create({\n baseURL: \"https://accounts.grida.ngrok.io/oauth\",\n});\n\nexport default function OAuthCallbackPage(props: any) {\n return (\n <>\n

Signed in

\n

You may now close this page

\n 
\n        {JSON.stringify(props, null, 2)}\n
\n \n );\n}\n\nexport async function getServerSideProps(context: any) {\n const { code, state } = context.query;\n\n try {\n // TODO:\n const { data } = await client.get(\"/access_token\", {\n params: {\n client_id: \"cors.sh\",\n client_secret: process.env.GRIDA_OAUTH_CLIENT_SECRET,\n code,\n },\n });\n return {\n props: {\n ...data,\n },\n };\n } catch (e) {\n console.error(e);\n }\n\n return {\n props: {},\n };\n}\n" }, { "path": ".archives/homepage/pages/onboarding/[id].tsx", "content": "// TODO: rename this route to /onboarding/continue?id=\n\nimport Head from \"next/head\";\nimport React from \"react\";\n\nexport default function ContinueOnboardingWithVerification() {\n return (\n <>\n \n Redirecting..\n \n

Redirecting..

\n \n );\n}\n\nexport async function getServerSideProps() {\n //\n // TODO: fully implement.\n // for now, redirect to get-started\n return {\n redirect: {\n destination: \"/get-started\",\n permanent: false,\n },\n };\n}\n" }, { "path": ".archives/homepage/pages/onboarding/complete.tsx", "content": "import React, { useEffect } from \"react\";\nimport styled from \"@emotion/styled\";\nimport { Client, ApplicationWithApiKey } from \"@cors.sh/service-api\";\nimport Head from \"next/head\";\nimport { FormPageLayout, PageCloseButton } from \"@app/ui/layouts\";\nimport { CollapsibleInfoCard } from \"components\";\nimport { UnderlineButton } from \"@app/ui/components\";\nimport { Prism as SyntaxHighlighter } from \"react-syntax-highlighter\";\nimport { examples } from \"k\";\nimport { ApiKeyReveal } from \"@app/ui/components\";\n\nexport default function InitialOnboardingFinalPage({\n application,\n}: {\n application: ApplicationWithApiKey;\n}) {\n const demo_target_url =\n application.allowedOrigins[0] ?? \"https://example.com\";\n\n return (\n <>\n \n CORS.SH - Complete\n \n \n \n <>\n

\n Extend your api call with proxy.cors.sh\n

\n

\n \n We've sent you an email with the api key.\n
\n Please check your inbox :)\n \n
\n
\n Letโ€™s get rid of the cors errors with proxy.cors.sh like below.\n

\n
\n
\n {/* */}\n\n \n \n \n \n \n \n {/* \n
Useful resources
\n \n */}\n
\n
\n
\n \n Thank you for using cors.sh ๐Ÿ™\n\n {/* Move to dashboard\n I need help */}\n
\n \n \n \n );\n}\n\nfunction CodeExamples({ target, apikey }: { target: string; apikey: string }) {\n return (\n {examples.simplest(target, apikey)}\n );\n}\n\nfunction MoreCodeExamples({\n target,\n apikey,\n}: {\n target: string;\n apikey: string;\n}) {\n return {examples.axios(target, apikey)};\n}\n\nconst CodeBlock = styled(SyntaxHighlighter)`\n max-height: 240px;\n font-size: 12px !important;\n`;\n\n// \n// 
\n//     GET https://proxy.corsh.sh/https://instragram.com/posts/123\n//     
\n//     -h x-cors-api-key {apikey}\n//
\n// \n// const CodeBlock = styled.code`\n// background: black;\n// color: white;\n// border-radius: 4px;\n// padding: 20px;\n// display: block;\n// font-size: 12px;\n// line-height: 1.5;\n// font-family: monospace;\n// overflow: scroll;\n\n// pre {\n// margin: 0;\n// }\n// `;\n\nfunction VideoDemo() {\n return (\n
\n \n \n \n
\n );\n}\n\nexport async function getServerSideProps(context: any) {\n const { app, checkout_session_id } = context.query;\n\n if (!app) {\n return {\n redirect: {\n destination: \"/console\",\n permanent: false,\n },\n };\n }\n\n try {\n const client = new Client({\n \"x-cors-service-checkout-session-id\": checkout_session_id,\n });\n\n const application = await client.getApplication(app);\n\n return {\n props: {\n application,\n },\n };\n } catch (e) {\n console.error(e);\n // 404\n return {\n notFound: true,\n };\n }\n}\n" }, { "path": ".archives/homepage/pages/onboarding/index.tsx", "content": "import React, { useEffect } from \"react\";\nimport {\n Button,\n FormFieldBase,\n FormFieldLabel,\n TextFormField,\n} from \"@editor-ui/console\";\nimport Select from \"react-select\";\nimport client from \"@cors.sh/service-api\";\nimport { useRouter } from \"next/router\";\nimport { Cross2Icon } from \"@radix-ui/react-icons\";\nimport Head from \"next/head\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nimport { validateUrls } from \"@app/ui/utils\";\nimport { motion } from \"framer-motion\";\n\nexport default function NewApplicationPage() {\n const router = useRouter();\n const [step, setStep] = React.useState<\"signin\" | \"setup\">(\"signin\");\n\n function Body() {\n switch (step) {\n case \"signin\":\n return (\n {\n setStep(\"setup\");\n }}\n />\n );\n case \"setup\":\n return ;\n }\n }\n\n return (\n <>\n \n CORS.SH - First App\n \n \n {\n router.replace(\"/\");\n }}\n >\n \n \n \n \n \n );\n}\n\nfunction SigninForm({ onComplete }: { onComplete: () => void }) {\n const [tmpkey, setTmpkey] = React.useState(\"\");\n const [valid, setValid] = React.useState(false);\n\n const onTypeKey = (key: string) => {\n // todo: validate key via api\n setValid(key.length > 10);\n };\n\n const onEnter = () => {\n // this is required because onEnter can also be invoked from input's callback\n if (valid) {\n onComplete();\n }\n };\n\n return (\n <>\n

Enter your API key from your inbox to get started

\n
\n \n
\n
\n \n \n );\n}\n\nfunction SetupForm() {\n const router = useRouter();\n const [name, setName] = React.useState(\"\");\n const [allowedOrigins, setAllowedOrigins] = React.useState(\"\");\n const [isBusy, setIsBusy] = React.useState(false);\n const [isValid, setIsValid] = React.useState(false);\n const [isPricingVisible, setIsPricingVisible] = React.useState(false);\n\n const onEnter = () => {\n if (!isValid) {\n return;\n }\n setIsBusy(true);\n client\n .createApplication({\n name: name,\n allowedOrigins: allowedOrigins\n .split(\",\")\n .map((origin) => origin.trim()),\n })\n .then((r) => {\n router.push({\n pathname: \"[id]\",\n query: { id: r.id },\n });\n })\n .finally(() => {\n setIsBusy(false);\n });\n };\n\n useEffect(() => {\n setIsValid(name.length > 0 && validateUrls(allowedOrigins));\n }, [name, allowedOrigins]);\n\n useEffect(() => {\n if (isValid) {\n setTimeout(() => {\n setIsPricingVisible(true);\n }, 1800);\n }\n }, [isValid]);\n\n return (\n <>\n

Now, Let's configure your first application

\n
\n \n \n {/* pricing plan select */}\n \n \n Plan\n
\n {\n if (e.key === \"Enter\") {\n onEnter();\n }\n }}\n options={[\n { value: \"pro-monthly\", label: \"Pro - $4/Mo\" },\n {\n value: \"pro-yearly\",\n label: \"Pro - $3/Mo (Pay annualy, save $12)\",\n },\n ]}\n defaultValue={{ value: \"pro\", label: \"Pro - $4/Mo\" }}\n />\n
\n \n \n
\n \n
\n \n );\n}\n" }, { "path": ".archives/homepage/pages/onboarding/payment-success-with-issue.tsx", "content": "import React from \"react\";\nimport client from \"@cors.sh/service-api\";\nimport { Button } from \"@editor-ui/console\";\nimport Head from \"next/head\";\n\nexport default function PaymentSuccessButThereWasAProblem({\n error,\n message,\n session,\n application,\n}: {\n error: \"identity_conflict\" | string;\n message: string;\n session: string;\n application: {\n id: string;\n name: string;\n };\n}) {\n return (\n <>\n \n CORS.SH - Problem with your subscription\n \n \n

There was a problem with your subscription - \"{error}\"

\n\n
\n

{message}

\n\n
Your Information
\n

Copy the data below when you contact customer support

\n
\n \n 
session: {session}
\n 
\n            application: {application.id} ({application.name})\n
\n \n\n \n \n );\n}\n\nexport async function getServerSideProps(context: any) {\n const { error, message, session_id, application_id, onboarding_id } =\n context.query;\n if (!session_id || !application_id || !onboarding_id) {\n // invalid entry\n return {\n redirect: {\n destination: \"/\",\n permanent: false,\n },\n };\n }\n\n try {\n const application = await client.getOnboardingApplication(onboarding_id);\n return {\n props: {\n error,\n message,\n session: session_id || null,\n application,\n },\n };\n } catch (e) {\n // 404\n return {\n notFound: true,\n };\n }\n}\n" }, { "path": ".archives/homepage/pages/onboarding/payment-success.tsx", "content": "import React, { useEffect } from \"react\";\nimport client from \"@cors.sh/service-api\";\nimport { useRouter } from \"next/router\";\nimport Head from \"next/head\";\nimport { Button, TextFormField } from \"@editor-ui/console\";\nimport { FormPageLayout, PageCloseButton } from \"@app/ui/layouts\";\nimport { toast } from \"react-hot-toast\";\n\n// page redirected from stripe once the payment is successful\nexport default function PaymentSuccessPage({\n application,\n session,\n isOnboarding,\n}: {\n session: string;\n isOnboarding: boolean;\n application: {\n id: string;\n name: string;\n allowedOrigins: string[];\n };\n}) {\n const [isBusy, setBusy] = React.useState(false);\n const router = useRouter();\n\n useEffect(() => {\n // GA4 conversion - Purchase\n // @ts-ignore\n window.gtag(\"event\", \"purchase\", {\n transaction_id: session,\n value: 4,\n currency: \"USD\",\n //\n });\n }, []);\n\n const onNext = () => {\n setBusy(true);\n // convert to application.\n client\n .convertApplication(application.id, session)\n .then((d) => {\n // move to complete\n router.push({\n pathname: \"/onboarding/complete\",\n query: {\n app: d.id,\n checkout_session_id: session,\n },\n });\n })\n .catch((e) => {\n toast.error(\"Something went wrong. Please try again later.\");\n })\n .finally(() => {\n setBusy(false);\n });\n };\n\n return (\n <>\n \n CORS.SH - Complete\n \n \n \n <>\n

Thank you for your subscription

\n

\n You can now create as many project you want without unlimited hourly\n rate :)\n
\n
\n Letโ€™s finish up your first project.\n

\n
\n \n \n
\n \n
\n \n \n \n );\n}\n\nexport async function getServerSideProps(context: any) {\n const { session_id, application_id, customer_id, onboarding_id } =\n context.query;\n if (!session_id) {\n // invalid entry\n return {\n redirect: {\n destination: \"/\",\n permanent: false,\n },\n };\n }\n\n if (!onboarding_id) {\n return {\n redirect: {\n destination: \"/console\",\n permanent: false,\n },\n };\n }\n\n try {\n const application = await client.getOnboardingApplication(onboarding_id);\n return {\n props: {\n session: session_id || null,\n application,\n customer_id,\n },\n };\n } catch (e) {\n // 404\n return {\n notFound: true,\n };\n }\n}\n" }, { "path": ".archives/homepage/pages/too-many-requests.tsx", "content": "import React from \"react\";\nimport { PricingCardsList } from \"../layouts/pricing-card-list\";\nimport { StepLayout } from \"../layouts/step-layout\";\nimport * as k from \"../k\";\nexport default function TooMayRequestsPage() {\n return (\n
\n {}}\n nextPromptLabel=\"Sign in with Grida and continue\"\n >\n {}}\n />\n \n
\n );\n}\n" }, { "path": ".archives/homepage/public/robots.txt", "content": "# Block all crawlers for /console\nUser-agent: *\nDisallow: /console\n\n# Allow all crawlers\nUser-agent: *\nAllow: /" }, { "path": ".archives/homepage/styles/globals.css", "content": "html,\nbody {\n padding: 0;\n margin: 0;\n font-family: -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Oxygen,\n Ubuntu, Cantarell, Fira Sans, Droid Sans, Helvetica Neue, sans-serif;\n}\n\nh1,\nh2,\nh3,\nh4,\nh5,\nh6,\np {\n margin: 0;\n}\n\na {\n color: inherit;\n text-decoration: none;\n}\n\n* {\n box-sizing: border-box;\n}\n" }, { "path": ".archives/homepage/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"target\": \"es5\",\n \"lib\": [\"dom\", \"dom.iterable\", \"esnext\"],\n \"allowJs\": true,\n \"skipLibCheck\": true,\n \"strict\": true,\n \"forceConsistentCasingInFileNames\": true,\n \"noEmit\": true,\n \"esModuleInterop\": true,\n \"module\": \"esnext\",\n \"moduleResolution\": \"node\",\n \"resolveJsonModule\": true,\n \"isolatedModules\": true,\n \"jsx\": \"preserve\",\n \"incremental\": true,\n \"baseUrl\": \".\"\n },\n \"include\": [\"next-env.d.ts\", \"**/*.ts\", \"**/*.tsx\"],\n \"exclude\": [\"node_modules\"]\n}\n" }, { "path": ".github/ISSUE_TEMPLATE/apply-for-oss-program.yml", "content": "name: Apply for OSS Program\ndescription: Apply your OSS Project for free pro-plan of cors.sh\ntitle: \"[Application] for my OSS Project\"\nlabels: [application]\nassignees: [softmarshmallow]\nbody:\n- type: checkboxes\n attributes:\n label: You are applying for validated OSS program\n description: Please ensure your project is open to public.\n options:\n - label: My project is OSS licensed and open to public. (Must have LICENSE file)\n required: true\n - label: My project has more than **10 โญ๏ธstars** on Github, which is the required for this program.\n required: true\n- type: textarea\n attributes:\n label: Repository URL to your project\n description: Copy & paste url to your project repo\n validations:\n required: true\n- type: textarea\n attributes:\n label: URL to your website\n description: Please let us know the url to your website if you have one.\n validations:\n required: false\n- type: textarea\n attributes:\n label: Expected Quota of usage\n description: How much API calls do you expect to occur via your site?\n validations:\n required: true\n- type: textarea\n attributes:\n label: Details\n description: |\n examples:\n - **Category**: Blockchain\n - **License**: MIT\n - **Date of release**: 12/25/2023\n value: |\n - Category:\n - License:\n - Date of release:\n render: markdown\n validations:\n required: false\n- type: textarea\n attributes:\n label: Anything else?\n description: |\n Links? References? Anything that will give us more context about the project!\n\n Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in.\n validations:\n required: false\n- type: markdown\n attributes:\n value: |\n Before you continue..\n \n - I made my repo open to public\n - My repo clearly states the license\n - I will **star** cors.sh (this repo)\n - I will follow Grida on Github\n \n \n \n" }, { "path": ".github/ISSUE_TEMPLATE/bug_report.md", "content": "---\nname: Bug report\nabout: Create a report to help us improve\ntitle: ''\nlabels: ''\nassignees: ''\n\n---\n\n**Describe the bug**\nA clear and concise description of what the bug is.\n\n**To Reproduce**\nSteps to reproduce the behavior:\n1. Go to '...'\n2. Click on '....'\n3. Scroll down to '....'\n4. See error\n\n**Expected behavior**\nA clear and concise description of what you expected to happen.\n\n**Screenshots**\nIf applicable, add screenshots to help explain your problem.\n\n**Desktop (please complete the following information):**\n - OS: [e.g. iOS]\n - Browser [e.g. chrome, safari]\n - Version [e.g. 22]\n\n**Smartphone (please complete the following information):**\n - Device: [e.g. iPhone6]\n - OS: [e.g. iOS8.1]\n - Browser [e.g. stock browser, safari]\n - Version [e.g. 22]\n\n**Additional context**\nAdd any other context about the problem here.\n" }, { "path": ".github/ISSUE_TEMPLATE/feature_request.md", "content": "---\nname: Feature request\nabout: Suggest an idea for this project\ntitle: ''\nlabels: ''\nassignees: ''\n\n---\n\n**Is your feature request related to a problem? Please describe.**\nA clear and concise description of what the problem is. Ex. I'm always frustrated when [...]\n\n**Describe the solution you'd like**\nA clear and concise description of what you want to happen.\n\n**Describe alternatives you've considered**\nA clear and concise description of any alternative solutions or features you've considered.\n\n**Additional context**\nAdd any other context or screenshots about the feature request here.\n" }, { "path": ".gitignore", "content": "# Logs\nlogs\n*.log\nnpm-debug.log*\nyarn-debug.log*\nyarn-error.log*\nlerna-debug.log*\npackage-lock.json\n\n# Diagnostic reports (https://nodejs.org/api/report.html)\nreport.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json\n\n# Runtime data\npids\n*.pid\n*.seed\n*.pid.lock\n\n# Directory for instrumented libs generated by jscoverage/JSCover\nlib-cov\n\n# Coverage directory used by tools like istanbul\ncoverage\n*.lcov\n\n# nyc test coverage\n.nyc_output\n\n# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)\n.grunt\n\n# Bower dependency directory (https://bower.io/)\nbower_components\n\n# node-waf configuration\n.lock-wscript\n\n# Compiled binary addons (https://nodejs.org/api/addons.html)\nbuild/Release\n\n# Dependency directories\nnode_modules/\njspm_packages/\n\n# TypeScript v1 declaration files\ntypings/\n\n# TypeScript cache\n*.tsbuildinfo\n\n# Optional npm cache directory\n.npm\n\n# Optional eslint cache\n.eslintcache\n\n# Microbundle cache\n.rpt2_cache/\n.rts2_cache_cjs/\n.rts2_cache_es/\n.rts2_cache_umd/\n\n# Optional REPL history\n.node_repl_history\n\n# Output of 'npm pack'\n*.tgz\n\n# Yarn Integrity file\n.yarn-integrity\n\n# dotenv environment variables file\n.env\n.env.test\n\n# parcel-bundler cache (https://parceljs.org/)\n.cache\n\n# Next.js build output\n.next\n\n# Nuxt.js build / generate output\n.nuxt\ndist\n\n# Gatsby files\n.cache/\n# Comment in the public line in if your project uses Gatsby and *not* Next.js\n# https://nextjs.org/blog/next-9-1#public-directory-support\n# public\n\n# vuepress build output\n.vuepress/dist\n\n# Serverless directories\n.serverless/\n\n# FuseBox cache\n.fusebox/\n\n# DynamoDB Local files\n.dynamodb/\n\n# TernJS port file\n.tern-port\n\n# .DS_Store\n.DS_Store" }, { "path": ".gitmodules", "content": "[submodule \"packages/editor-ui\"]\n\tpath = packages/editor-ui\n\turl = https://github.com/reflect-ui/reflect-editor-ui\n" }, { "path": ".nvmrc", "content": "v20.9.0" }, { "path": ".vscode/settings.json", "content": "{\n \"files.exclude\": {\n \"**/.git\": true,\n \"**/.svn\": true,\n \"**/.hg\": true,\n \"**/CVS\": true,\n \"**/.DS_Store\": true,\n \"**/Thumbs.db\": true,\n \"**/node_modules\": true\n },\n \"search.exclude\": {\n \"**/node_modules\": true,\n \"**/.build\": true,\n \"**/.lock\": true,\n \"**/*.code-search\": true\n }\n}\n" }, { "path": "LICENSE", "content": "MIT License\n\nCopyright (c) 2022 Grida\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n" }, { "path": "README.md", "content": "# cors.sh\n\n![cors.sh](./branding/artwork_cors.sh.jpg)\n\nThe only cors proxy service all you'll ever need.\n\n| [Website](https://cors.sh) | [Proxy (proxy.cors.sh)](https://proxy.cors.sh) | [Playground](https://cors.sh/playground) | [Docs](https://cors.sh/docs) |\n\n## Usage\n\n**Quick testing**\nUse [cors.sh/playground](https://cors.sh/playground) for testing out your cors blocked request.\n\n**JS**\n\nAdd `proxy.cors.sh` to your request. For example,\n\n```js\nfetch(\"https://proxy.cors.sh/https://example.com/\");\n```\n\n## [`cors.sh/playground`](https://cors.sh/playground), The testing environment (forked from hoppscotch)\n\n- [cors.sh/playground](https://cors.sh/playground)\n- [gridaco/playground.cors.sh](https://github.com/gridaco/playground.cors.sh)\n- [hoppscotch/hoppscotch](https://github.com/hoppscotch/hoppscotch)\n\n\n## Projects using CORS.SH\n- https://github.com/IMGROOT2/algo\n- https://github.com/alejandroch1202/dollar-monitor\n- https://github.com/Iconem/search-satellite-imagery/\n- https://github.com/PavelLaptev/JSON-to-Figma\n- https://github.com/TomRadford/shootdrop\n\n\n\n## Contributing\n\n```bash\n# clone initially\ngit clone --recurse-submodules https://github.com/gridaco/cors.sh\n# updating submodules (once required)\ngit submodule update --init --recursive\n```\n\n## Disclaimer\n\n1. This project's intend is to serve developers a reliable cors proxy service with fast response for their development.\n Using a cors proxy service to connect to your own server is not a best practice.\n We'll consistently optimize our service infra to keep the paid version affordable as possible.\n\n2. The original code behind cors proxy is by Rob wu's cors-anywhere and the playground is forked from hoppscotch. both licensed under MIT, and our project cors.sh is also licensed under MIT License.\n\n\n## TODOs\n\n- Cost optimization - make it more cheap & provide free version to all.\n- Management console - Enable usesrs to create projects as much as they want.\n- OSS Application pipeline - Make OSS developers to get their api key right-on and get verified later.\n" }, { "path": "branding/readme.md", "content": "# branding resources accross the site\n\n- favicon.ico - for `/`, `/docs`, `/playground`\n" }, { "path": "cli/bin.ts", "content": "import yargs from \"yargs\";\nimport { hideBin } from \"yargs/helpers\";\nimport { checkForUpdate } from \"./update\";\n\nexport default async function cli() {\n await checkForUpdate();\n yargs(hideBin(process.argv))\n .option(\"cwd\", {\n type: \"string\",\n default: process.cwd(),\n requiresArg: false,\n })\n .option(\"dry-run\", {\n type: \"boolean\",\n default: false,\n requiresArg: false,\n })\n .global([\"cwd\", \"dry-run\"])\n .command(\n \"init\",\n \"init grida project\",\n () => {},\n ({ cwd }) => {\n // init(cwd);\n }\n )\n .demandCommand(1)\n .parse();\n}\n" }, { "path": "cli/index.ts", "content": "#!/usr/bin/env node\n\nimport cli from \"./bin\";\n\nprocess.on(\"SIGINT\", () => {\n process.exit(0); // now the \"exit\" event will fire\n});\n\n// if main\nif (require.main === module) {\n cli();\n}\n" }, { "path": "cli/jes.config.js", "content": "/** @type {import('ts-jest/dist/types').InitialOptionsTsJest} */\nmodule.exports = {\n preset: \"ts-jest\",\n testEnvironment: \"node\",\n};\n" }, { "path": "cli/package.json", "content": "{\n \"name\": \"@cors.sh/cli\",\n \"version\": \"0.0.1\",\n \"private\": false,\n \"license\": \"Apache-2.0\",\n \"description\": \"cors.sh cli\",\n \"homepage\": \"https://cors.sh\",\n \"repository\": \"https://github.com/gridaco/cors.sh\",\n \"dependencies\": {\n \"@base-sdk-fp/auth\": \"^0.1.4\",\n \"boxen\": \"^7.0.0\",\n \"dotenv\": \"^16.0.1\",\n \"enquirer\": \"^2.3.6\",\n \"keytar\": \"^7.9.0\",\n \"node-fetch\": \"^3.2.10\",\n \"node-machine-id\": \"^1.1.12\",\n \"open\": \"^8.4.0\",\n \"ora\": \"^5.4.0\",\n \"yargs\": \"^17.2.1\"\n },\n \"scripts\": {\n \"clean\": \"rimraf dist\",\n \"dev\": \"ts-node index.ts\",\n \"dev:watch\": \"ts-node-dev index.ts --watch\",\n \"test\": \"jest\",\n \"build\": \"ncc build index.ts -o dist -e keytar -e glob -e dotenv\",\n \"prepack\": \"yarn test && yarn clean && yarn build\"\n },\n \"devDependencies\": {\n \"@types/glob\": \"^7.2.0\",\n \"@types/node\": \"^18.6.1\",\n \"@types/semver\": \"^7.3.10\",\n \"@types/which\": \"^2.0.1\",\n \"@types/yargs\": \"^17.0.3\",\n \"@vercel/ncc\": \"^0.34.0\",\n \"jest\": \"^28.1.3\",\n \"ts-jest\": \"^28.0.7\",\n \"ts-node\": \"^10.9.1\",\n \"ts-node-dev\": \"^2.0.0\",\n \"typescript\": \"^4.7.4\"\n },\n \"bin\": {\n \"cors\": \"./dist/index.js\"\n },\n \"files\": [\n \"dist\",\n \"README.md\",\n \"LICENSE\"\n ],\n \"publishConfig\": {\n \"access\": \"public\"\n }\n}" }, { "path": "cli/readme.md", "content": "# cors.sh management cli\n\n- cors list project\n- cors new project\n- cors edit project ``\n" }, { "path": "cli/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"target\": \"ES2015\",\n \"outDir\": \"dist\",\n \"module\": \"CommonJS\",\n \"strict\": false,\n \"resolveJsonModule\": true,\n \"esModuleInterop\": true,\n \"moduleResolution\": \"node\"\n },\n \"exclude\": [\"dist\", \"node_modules\", \"**/*.spec.ts\", \"__test__\"]\n}\n" }, { "path": "cli/update/index.ts", "content": "import { version, name } from \"../version\";\nimport boxen from \"boxen\";\nimport semver from \"semver\";\nimport fetch from \"node-fetch\";\nimport chalk from \"chalk\";\n\n/**\n *\n */\nexport async function checkForUpdate() {\n // fetch latest version from npm\n const { version: latestVersion } = (await (\n await fetch(`https://registry.npmjs.org/${name}/latest`)\n ).json()) as { version: string };\n\n // compare versions\n if (semver.gt(latestVersion, version)) {\n // show update message\n console.log(makeUpdateMessage({ latest: latestVersion }));\n }\n}\n\nfunction makeUpdateMessage({ latest }: { latest: string }): string {\n return boxen(\n `${name} ${chalk.green(`v${latest}`)} is now available!\nRun \\`${chalk.green(`npm i -g ${name}`)}\\` to update.`,\n {\n padding: 1,\n margin: 1,\n borderStyle: \"classic\",\n textAlignment: \"center\",\n }\n );\n}\n" }, { "path": "cli/version/index.ts", "content": "import { version, name } from \"../package.json\";\n\nexport { version, name };\n" }, { "path": "design/readme.md", "content": "# cors.sh design\n\n## Figma file\n\n- https://www.figma.com/file/aPfdtNb1aGFIN9p05cmmVY/cors.sh\n" }, { "path": "docs/.gitignore", "content": "# Dependencies\n/node_modules\n\n# Production\n/build\n\n# Generated files\n.docusaurus\n.cache-loader\n\n# Misc\n.DS_Store\n.env.local\n.env.development.local\n.env.test.local\n.env.production.local\n\nnpm-debug.log*\nyarn-debug.log*\nyarn-error.log*\n" }, { "path": "docs/README.md", "content": "# Website\n\nThis website is built using [Docusaurus 2](https://docusaurus.io/), a modern static website generator.\n\n### Installation\n\n```\n$ yarn\n```\n\n### Local Development\n\n```\n$ yarn start\n```\n\nThis command starts a local development server and opens up a browser window. Most changes are reflected live without having to restart the server.\n\n### Build\n\n```\n$ yarn build\n```\n\nThis command generates static content into the `build` directory and can be served using any static contents hosting service.\n\n### Deployment\n\nUsing SSH:\n\n```\n$ USE_SSH=true yarn deploy\n```\n\nNot using SSH:\n\n```\n$ GIT_USER= yarn deploy\n```\n\nIf you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the `gh-pages` branch.\n" }, { "path": "docs/babel.config.js", "content": "module.exports = {\n presets: [require.resolve('@docusaurus/core/lib/babel/preset')],\n};\n" }, { "path": "docs/blog/2019-05-28-first-blog-post.md", "content": "---\nslug: first-blog-post\ntitle: First Blog Post\nauthors:\n name: Gao Wei\n title: Docusaurus Core Team\n url: https://github.com/wgao19\n image_url: https://github.com/wgao19.png\ntags: [hola, docusaurus]\n---\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n" }, { "path": "docs/blog/2019-05-29-long-blog-post.md", "content": "---\nslug: long-blog-post\ntitle: Long Blog Post\nauthors: endi\ntags: [hello, docusaurus]\n---\n\nThis is the summary of a very long blog post,\n\nUse a `` comment to limit blog post size in the list view.\n\n\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n\nLorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque elementum dignissim ultricies. Fusce rhoncus ipsum tempor eros aliquam consequat. Lorem ipsum dolor sit amet\n" }, { "path": "docs/blog/2021-08-01-mdx-blog-post.mdx", "content": "---\nslug: mdx-blog-post\ntitle: MDX Blog Post\nauthors: [slorber]\ntags: [docusaurus]\n---\n\nBlog posts support [Docusaurus Markdown features](https://docusaurus.io/docs/markdown-features), such as [MDX](https://mdxjs.com/).\n\n:::tip\n\nUse the power of React to create interactive blog posts.\n\n```js\n\n```\n\n\n\n:::\n" }, { "path": "docs/blog/2021-08-26-welcome/index.md", "content": "---\nslug: welcome\ntitle: Welcome\nauthors: [slorber, yangshun]\ntags: [facebook, hello, docusaurus]\n---\n\n[Docusaurus blogging features](https://docusaurus.io/docs/blog) are powered by the [blog plugin](https://docusaurus.io/docs/api/plugins/@docusaurus/plugin-content-blog).\n\nSimply add Markdown files (or folders) to the `blog` directory.\n\nRegular blog authors can be added to `authors.yml`.\n\nThe blog post date can be extracted from filenames, such as:\n\n- `2019-05-30-welcome.md`\n- `2019-05-30-welcome/index.md`\n\nA blog post folder can be convenient to co-locate blog post images:\n\n![Docusaurus Plushie](./docusaurus-plushie-banner.jpeg)\n\nThe blog supports tags as well!\n\n**And if you don't want a blog**: just delete this directory, and use `blog: false` in your Docusaurus config.\n" }, { "path": "docs/blog/authors.yml", "content": "endi:\n name: Endilie Yacop Sucipto\n title: Maintainer of Docusaurus\n url: https://github.com/endiliey\n image_url: https://github.com/endiliey.png\n\nyangshun:\n name: Yangshun Tay\n title: Front End Engineer @ Facebook\n url: https://github.com/yangshun\n image_url: https://github.com/yangshun.png\n\nslorber:\n name: Sรฉbastien Lorber\n title: Docusaurus maintainer\n url: https://sebastienlorber.com\n image_url: https://github.com/slorber.png\n" }, { "path": "docs/docs/guides/_category_.json", "content": "{\n \"label\": \"Guides\",\n \"position\": 4,\n \"link\": {\n \"type\": \"generated-index\",\n \"description\": \"Popular use cases of cors proxy\"\n }\n}" }, { "path": "docs/docs/guides/api-instagram/index.md", "content": "---\nsidebar_position: 9\n---\n\n# For instagram api\n" }, { "path": "docs/docs/guides/api-tiktok/index.md", "content": "---\nsidebar_position: 9\n---\n\n# For tiktok api\n" }, { "path": "docs/docs/guides/figma-plugin/index.md", "content": "---\ntitle: For Figma plugin\nsidebar_position: 1\n---\n\n# CORS Proxy for developing your figma plugin\n\n## Examples\n\nFigma Assistant by Grida\n\nWe've initially made cors.sh for use of our own. The assistant uses cors.sh for requesting to our server.\n" }, { "path": "docs/docs/guides/shopify-app/index.md", "content": "---\ntitle: For Shopify app\nsidebar_position: 2\n---\n\n# CORS Proxy for developing your shopify app\n\nShopify app\n" }, { "path": "docs/docs/intro.md", "content": "---\nsidebar_position: 1\n---\n\n# Tutorial Intro\n\nLet's discover **Docusaurus in less than 5 minutes**.\n\n## Getting Started\n\nGet started by **creating a new site**.\n\nOr **try Docusaurus immediately** with **[docusaurus.new](https://docusaurus.new)**.\n\n### What you'll need\n\n- [Node.js](https://nodejs.org/en/download/) version 16.14 or above:\n - When installing Node.js, you are recommended to check all checkboxes related to dependencies.\n\n## Generate a new site\n\nGenerate a new Docusaurus site using the **classic template**.\n\nThe classic template will automatically be added to your project after you run the command:\n\n```bash\nnpm init docusaurus@latest my-website classic\n```\n\nYou can type this command into Command Prompt, Powershell, Terminal, or any other integrated terminal of your code editor.\n\nThe command also installs all necessary dependencies you need to run Docusaurus.\n\n## Start your site\n\nRun the development server:\n\n```bash\ncd my-website\nnpm run start\n```\n\nThe `cd` command changes the directory you're working with. In order to work with your newly created Docusaurus site, you'll need to navigate the terminal there.\n\nThe `npm run start` command builds your website locally and serves it through a development server, ready for you to view at http://localhost:3000/.\n\nOpen `docs/intro.md` (this page) and edit some lines: the site **reloads automatically** and displays your changes.\n" }, { "path": "docs/docs/migrate-from-cors.bridged.cc.md", "content": "# Migrate from cors.bridged.cc\n\nIf you are a `cors.bridged.cc` user, you will have api key in shape like this `xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`\n\nYou can use the same api key for `cors.sh`, but this will no longer work from October 30, 2022.\n\nTo migrate, create new app from cors.sh console and replace the api key from your web app project.\n\n**ACTION REQUIRED:**\n\n- register new app on cors.sh\n- replace the existing api key in your web project issued from cors.sh on previous step\n- replace `cors.bridged.cc` to `api.cors.sh`\n\nFor example with cURL,\n\nPrevious\n\n```curl\nGET https://cors.bridged.cc/https://google.com\n-H 'cors-api-key: xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'\n```\n\nTo..\n\n```curl\nGET https://api.cors.sh/https://google.com\n-H 'cors-api-key: live_xxxx-xxxx-xxxx-xxxx'\n```\n" }, { "path": "docs/docs/tutorial-basics/_category_.json", "content": "{\n \"label\": \"Tutorial - Basics\",\n \"position\": 2,\n \"link\": {\n \"type\": \"generated-index\",\n \"description\": \"5 minutes to learn the most important Docusaurus concepts.\"\n }\n}\n" }, { "path": "docs/docs/tutorial-basics/congratulations.md", "content": "---\nsidebar_position: 6\n---\n\n# Congratulations!\n\nYou have just learned the **basics of Docusaurus** and made some changes to the **initial template**.\n\nDocusaurus has **much more to offer**!\n\nHave **5 more minutes**? Take a look at **[versioning](../tutorial-extras/manage-docs-versions.md)** and **[i18n](../tutorial-extras/translate-your-site.md)**.\n\nAnything **unclear** or **buggy** in this tutorial? [Please report it!](https://github.com/facebook/docusaurus/discussions/4610)\n\n## What's next?\n\n- Read the [official documentation](https://docusaurus.io/).\n- Add a custom [Design and Layout](https://docusaurus.io/docs/styling-layout)\n- Add a [search bar](https://docusaurus.io/docs/search)\n- Find inspirations in the [Docusaurus showcase](https://docusaurus.io/showcase)\n- Get involved in the [Docusaurus Community](https://docusaurus.io/community/support)\n" }, { "path": "docs/docs/tutorial-basics/create-a-blog-post.md", "content": "---\nsidebar_position: 3\n---\n\n# Create a Blog Post\n\nDocusaurus creates a **page for each blog post**, but also a **blog index page**, a **tag system**, an **RSS** feed...\n\n## Create your first Post\n\nCreate a file at `blog/2021-02-28-greetings.md`:\n\n```md title=\"blog/2021-02-28-greetings.md\"\n---\nslug: greetings\ntitle: Greetings!\nauthors:\n - name: Joel Marcey\n title: Co-creator of Docusaurus 1\n url: https://github.com/JoelMarcey\n image_url: https://github.com/JoelMarcey.png\n - name: Sรฉbastien Lorber\n title: Docusaurus maintainer\n url: https://sebastienlorber.com\n image_url: https://github.com/slorber.png\ntags: [greetings]\n---\n\nCongratulations, you have made your first post!\n\nFeel free to play around and edit this post as much you like.\n```\n\nA new blog post is now available at [http://localhost:3000/blog/greetings](http://localhost:3000/blog/greetings).\n" }, { "path": "docs/docs/tutorial-basics/create-a-document.md", "content": "---\nsidebar_position: 2\n---\n\n# Create a Document\n\nDocuments are **groups of pages** connected through:\n\n- a **sidebar**\n- **previous/next navigation**\n- **versioning**\n\n## Create your first Doc\n\nCreate a Markdown file at `docs/hello.md`:\n\n```md title=\"docs/hello.md\"\n# Hello\n\nThis is my **first Docusaurus document**!\n```\n\nA new document is now available at [http://localhost:3000/docs/hello](http://localhost:3000/docs/hello).\n\n## Configure the Sidebar\n\nDocusaurus automatically **creates a sidebar** from the `docs` folder.\n\nAdd metadata to customize the sidebar label and position:\n\n```md title=\"docs/hello.md\" {1-4}\n---\nsidebar_label: 'Hi!'\nsidebar_position: 3\n---\n\n# Hello\n\nThis is my **first Docusaurus document**!\n```\n\nIt is also possible to create your sidebar explicitly in `sidebars.js`:\n\n```js title=\"sidebars.js\"\nmodule.exports = {\n tutorialSidebar: [\n {\n type: 'category',\n label: 'Tutorial',\n // highlight-next-line\n items: ['hello'],\n },\n ],\n};\n```\n" }, { "path": "docs/docs/tutorial-basics/create-a-page.md", "content": "---\nsidebar_position: 1\n---\n\n# Create a Page\n\nAdd **Markdown or React** files to `src/pages` to create a **standalone page**:\n\n- `src/pages/index.js` โ†’ `localhost:3000/`\n- `src/pages/foo.md` โ†’ `localhost:3000/foo`\n- `src/pages/foo/bar.js` โ†’ `localhost:3000/foo/bar`\n\n## Create your first React Page\n\nCreate a file at `src/pages/my-react-page.js`:\n\n```jsx title=\"src/pages/my-react-page.js\"\nimport React from 'react';\nimport Layout from '@theme/Layout';\n\nexport default function MyReactPage() {\n return (\n \n

My React page

\n

This is a React page

\n \n );\n}\n```\n\nA new page is now available at [http://localhost:3000/my-react-page](http://localhost:3000/my-react-page).\n\n## Create your first Markdown Page\n\nCreate a file at `src/pages/my-markdown-page.md`:\n\n```mdx title=\"src/pages/my-markdown-page.md\"\n# My Markdown page\n\nThis is a Markdown page\n```\n\nA new page is now available at [http://localhost:3000/my-markdown-page](http://localhost:3000/my-markdown-page).\n" }, { "path": "docs/docs/tutorial-basics/deploy-your-site.md", "content": "---\nsidebar_position: 5\n---\n\n# Deploy your site\n\nDocusaurus is a **static-site-generator** (also called **[Jamstack](https://jamstack.org/)**).\n\nIt builds your site as simple **static HTML, JavaScript and CSS files**.\n\n## Build your site\n\nBuild your site **for production**:\n\n```bash\nnpm run build\n```\n\nThe static files are generated in the `build` folder.\n\n## Deploy your site\n\nTest your production build locally:\n\n```bash\nnpm run serve\n```\n\nThe `build` folder is now served at [http://localhost:3000/](http://localhost:3000/).\n\nYou can now deploy the `build` folder **almost anywhere** easily, **for free** or very small cost (read the **[Deployment Guide](https://docusaurus.io/docs/deployment)**).\n" }, { "path": "docs/docs/tutorial-basics/markdown-features.mdx", "content": "---\nsidebar_position: 4\n---\n\n# Markdown Features\n\nDocusaurus supports **[Markdown](https://daringfireball.net/projects/markdown/syntax)** and a few **additional features**.\n\n## Front Matter\n\nMarkdown documents have metadata at the top called [Front Matter](https://jekyllrb.com/docs/front-matter/):\n\n```text title=\"my-doc.md\"\n// highlight-start\n---\nid: my-doc-id\ntitle: My document title\ndescription: My document description\nslug: /my-custom-url\n---\n// highlight-end\n\n## Markdown heading\n\nMarkdown text with [links](./hello.md)\n```\n\n## Links\n\nRegular Markdown links are supported, using url paths or relative file paths.\n\n```md\nLet's see how to [Create a page](/create-a-page).\n```\n\n```md\nLet's see how to [Create a page](./create-a-page.md).\n```\n\n**Result:** Let's see how to [Create a page](./create-a-page.md).\n\n## Images\n\nRegular Markdown images are supported.\n\nYou can use absolute paths to reference images in the static directory (`static/img/docusaurus.png`):\n\n```md\n![Docusaurus logo](/img/docusaurus.png)\n```\n\n![Docusaurus logo](/img/docusaurus.png)\n\nYou can reference images relative to the current file as well, as shown in [the extra guides](../tutorial-extras/manage-docs-versions.md).\n\n## Code Blocks\n\nMarkdown code blocks are supported with Syntax highlighting.\n\n ```jsx title=\"src/components/HelloDocusaurus.js\"\n function HelloDocusaurus() {\n return (\n

Hello, Docusaurus!

\n )\n }\n ```\n\n```jsx title=\"src/components/HelloDocusaurus.js\"\nfunction HelloDocusaurus() {\n return

Hello, Docusaurus!

;\n}\n```\n\n## Admonitions\n\nDocusaurus has a special syntax to create admonitions and callouts:\n\n :::tip My tip\n\n Use this awesome feature option\n\n :::\n\n :::danger Take care\n\n This action is dangerous\n\n :::\n\n:::tip My tip\n\nUse this awesome feature option\n\n:::\n\n:::danger Take care\n\nThis action is dangerous\n\n:::\n\n## MDX and React Components\n\n[MDX](https://mdxjs.com/) can make your documentation more **interactive** and allows using any **React components inside Markdown**:\n\n```jsx\nexport const Highlight = ({children, color}) => (\n {\n alert(`You clicked the color ${color} with label ${children}`)\n }}>\n {children}\n \n);\n\nThis is Docusaurus green !\n\nThis is Facebook blue !\n```\n\nexport const Highlight = ({children, color}) => (\n {\n alert(`You clicked the color ${color} with label ${children}`);\n }}>\n {children}\n \n);\n\nThis is Docusaurus green !\n\nThis is Facebook blue !\n" }, { "path": "docs/docs/tutorial-extras/_category_.json", "content": "{\n \"label\": \"Tutorial - Extras\",\n \"position\": 3,\n \"link\": {\n \"type\": \"generated-index\"\n }\n}\n" }, { "path": "docs/docs/tutorial-extras/manage-docs-versions.md", "content": "---\nsidebar_position: 1\n---\n\n# Manage Docs Versions\n\nDocusaurus can manage multiple versions of your docs.\n\n## Create a docs version\n\nRelease a version 1.0 of your project:\n\n```bash\nnpm run docusaurus docs:version 1.0\n```\n\nThe `docs` folder is copied into `versioned_docs/version-1.0` and `versions.json` is created.\n\nYour docs now have 2 versions:\n\n- `1.0` at `http://localhost:3000/docs/` for the version 1.0 docs\n- `current` at `http://localhost:3000/docs/next/` for the **upcoming, unreleased docs**\n\n## Add a Version Dropdown\n\nTo navigate seamlessly across versions, add a version dropdown.\n\nModify the `docusaurus.config.js` file:\n\n```js title=\"docusaurus.config.js\"\nmodule.exports = {\n themeConfig: {\n navbar: {\n items: [\n // highlight-start\n {\n type: 'docsVersionDropdown',\n },\n // highlight-end\n ],\n },\n },\n};\n```\n\nThe docs version dropdown appears in your navbar:\n\n![Docs Version Dropdown](./img/docsVersionDropdown.png)\n\n## Update an existing version\n\nIt is possible to edit versioned docs in their respective folder:\n\n- `versioned_docs/version-1.0/hello.md` updates `http://localhost:3000/docs/hello`\n- `docs/hello.md` updates `http://localhost:3000/docs/next/hello`\n" }, { "path": "docs/docs/tutorial-extras/translate-your-site.md", "content": "---\nsidebar_position: 2\n---\n\n# Translate your site\n\nLet's translate `docs/intro.md` to French.\n\n## Configure i18n\n\nModify `docusaurus.config.js` to add support for the `fr` locale:\n\n```js title=\"docusaurus.config.js\"\nmodule.exports = {\n i18n: {\n defaultLocale: 'en',\n locales: ['en', 'fr'],\n },\n};\n```\n\n## Translate a doc\n\nCopy the `docs/intro.md` file to the `i18n/fr` folder:\n\n```bash\nmkdir -p i18n/fr/docusaurus-plugin-content-docs/current/\n\ncp docs/intro.md i18n/fr/docusaurus-plugin-content-docs/current/intro.md\n```\n\nTranslate `i18n/fr/docusaurus-plugin-content-docs/current/intro.md` in French.\n\n## Start your localized site\n\nStart your site on the French locale:\n\n```bash\nnpm run start -- --locale fr\n```\n\nYour localized site is accessible at [http://localhost:3000/fr/](http://localhost:3000/fr/) and the `Getting Started` page is translated.\n\n:::caution\n\nIn development, you can only use one locale at a same time.\n\n:::\n\n## Add a Locale Dropdown\n\nTo navigate seamlessly across languages, add a locale dropdown.\n\nModify the `docusaurus.config.js` file:\n\n```js title=\"docusaurus.config.js\"\nmodule.exports = {\n themeConfig: {\n navbar: {\n items: [\n // highlight-start\n {\n type: 'localeDropdown',\n },\n // highlight-end\n ],\n },\n },\n};\n```\n\nThe locale dropdown now appears in your navbar:\n\n![Locale Dropdown](./img/localeDropdown.png)\n\n## Build your localized site\n\nBuild your site for a specific locale:\n\n```bash\nnpm run build -- --locale fr\n```\n\nOr build your site to include all the locales at once:\n\n```bash\nnpm run build\n```\n" }, { "path": "docs/docs/what-is-cors.md", "content": "---\ntitle: What is CORS?\n---\n\n# What is `CORS` ?\n\n`CORS` Cross-Origin Resource Sharing\n\n## Do I need a cors proxy?\n\nIn short,\n\n- **NO:** For your own backend\n- **YES:** If..\n - Your front end is a plugin that runs on top of other sites. (e.g. shopify, figma plugin)\n - You are accessign third party api (e.g. instagram, twitter) and the api server responds with limited CORS headers.\n\n## Okay, it seems I don't need cors proxy service, What can I do?\n\nIf you're application is a general web app and you have control over the backend, here are some quick guides for each backend frameworks.\n\n- Express\n- Koa\n- Hapi\n- Fastify\n- NestJS\n- AWS Lambda\n" }, { "path": "docs/docusaurus.config.js", "content": "// @ts-check\n// Note: type annotations allow type checking and IDEs autocompletion\n\nconst lightCodeTheme = require(\"prism-react-renderer/themes/github\");\nconst darkCodeTheme = require(\"prism-react-renderer/themes/dracula\");\n\n/** @type {import('@docusaurus/types').Config} */\nconst config = {\n title: \"cors.sh\",\n tagline: \"Get started with CORS.SH\",\n url: \"https://docs.cors.sh\",\n // @ts-ignore\n baseUrl: process.env.BASE_URL,\n onBrokenLinks: \"throw\",\n onBrokenMarkdownLinks: \"warn\",\n favicon: \"img/favicon.ico\",\n\n // GitHub pages deployment config.\n // If you aren't using GitHub pages, you don't need these.\n organizationName: \"gridaco\", // Usually your GitHub org/user name.\n projectName: \"cors.sh\", // Usually your repo name.\n\n // Even if you don't use internalization, you can use this field to set useful\n // metadata like html lang. For example, if your site is Chinese, you may want\n // to replace \"en\" with \"zh-Hans\".\n i18n: {\n defaultLocale: \"en\",\n locales: [\"en\"],\n },\n\n presets: [\n [\n \"classic\",\n /** @type {import('@docusaurus/preset-classic').Options} */\n ({\n docs: {\n breadcrumbs: false,\n routeBasePath: \"/\",\n path: \"docs\",\n sidebarPath: require.resolve(\"./sidebars.js\"),\n // Please change this to your repo.\n // Remove this to remove the \"edit this page\" links.\n editUrl: \"https://github.com/gridaco/cors.sh/tree/main/docs/\",\n },\n blog: {\n showReadingTime: true,\n // Please change this to your repo.\n // Remove this to remove the \"edit this page\" links.\n editUrl:\n \"https://github.com/facebook/docusaurus/tree/main/packages/create-docusaurus/templates/shared/\",\n },\n // tracking\n googleAnalytics: {\n trackingID: \"G-XG051N1VS3\",\n },\n theme: {\n customCss: require.resolve(\"./src/css/custom.css\"),\n },\n }),\n ],\n ],\n\n themeConfig:\n /** @type {import('@docusaurus/preset-classic').ThemeConfig} */\n ({\n navbar: {\n logo: {\n alt: \"CORS.SH By Grida\",\n src: \"img/logo.svg\",\n width: 100,\n href: \"https://cors.sh/\",\n },\n items: [\n {\n type: \"doc\",\n docId: \"intro\",\n position: \"left\",\n label: \"Tutorial\",\n },\n { to: \"/blog\", label: \"Blog\", position: \"left\" },\n {\n href: \"https://github.com/facebook/docusaurus\",\n label: \"GitHub\",\n position: \"right\",\n },\n ],\n },\n footer: {\n style: \"light\",\n links: [\n {\n title: \"Docs\",\n items: [\n {\n label: \"Tutorial\",\n to: \"/docs/intro\",\n },\n ],\n },\n {\n title: \"Community\",\n items: [\n {\n label: \"Slack Channel\",\n href: \"https://grida.co/join-slack\",\n },\n {\n label: \"Twitter\",\n href: \"https://twitter.com/grida_co\",\n },\n ],\n },\n {\n title: \"More\",\n items: [\n {\n label: \"Blog\",\n to: \"/blog\",\n },\n {\n label: \"GitHub\",\n href: \"https://github.com/gridaco/cors.sh\",\n },\n ],\n },\n ],\n copyright: `Copyright ยฉ ${new Date().getFullYear()} Grida, Inc. Built with Docusaurus.`,\n },\n prism: {\n theme: lightCodeTheme,\n darkTheme: darkCodeTheme,\n },\n }),\n};\n\nmodule.exports = config;\n" }, { "path": "docs/package.json", "content": "{\n \"name\": \"docs\",\n \"version\": \"0.0.0\",\n \"private\": true,\n \"scripts\": {\n \"docusaurus\": \"docusaurus\",\n \"start\": \"docusaurus start\",\n \"build\": \"docusaurus build\",\n \"swizzle\": \"docusaurus swizzle\",\n \"deploy\": \"docusaurus deploy\",\n \"clear\": \"docusaurus clear\",\n \"serve\": \"docusaurus serve\",\n \"write-translations\": \"docusaurus write-translations\",\n \"write-heading-ids\": \"docusaurus write-heading-ids\"\n },\n \"dependencies\": {\n \"@docusaurus/core\": \"2.0.1\",\n \"@docusaurus/preset-classic\": \"2.0.1\",\n \"@mdx-js/react\": \"^1.6.22\",\n \"clsx\": \"^1.2.1\",\n \"prism-react-renderer\": \"^1.3.5\",\n \"react\": \"^17.0.2\",\n \"react-dom\": \"^17.0.2\"\n },\n \"devDependencies\": {\n \"@docusaurus/module-type-aliases\": \"2.0.1\"\n },\n \"browserslist\": {\n \"production\": [\n \">0.5%\",\n \"not dead\",\n \"not op_mini all\"\n ],\n \"development\": [\n \"last 1 chrome version\",\n \"last 1 firefox version\",\n \"last 1 safari version\"\n ]\n },\n \"engines\": {\n \"node\": \">=16.14\"\n }\n}\n" }, { "path": "docs/sidebars.js", "content": "/**\n * Creating a sidebar enables you to:\n - create an ordered group of docs\n - render a sidebar for each doc of that group\n - provide next/previous navigation\n\n The sidebars can be generated from the filesystem, or explicitly defined here.\n\n Create as many sidebars as you want.\n */\n\n// @ts-check\n\n/** @type {import('@docusaurus/plugin-content-docs').SidebarsConfig} */\nconst sidebars = {\n // By default, Docusaurus generates a sidebar from the docs folder structure\n tutorialSidebar: [{type: 'autogenerated', dirName: '.'}],\n\n // But you can create a sidebar manually\n /*\n tutorialSidebar: [\n {\n type: 'category',\n label: 'Tutorial',\n items: ['hello'],\n },\n ],\n */\n};\n\nmodule.exports = sidebars;\n" }, { "path": "docs/src/css/custom.css", "content": "/**\n * Any CSS included here will be global. The classic template\n * bundles Infima by default. Infima is a CSS framework designed to\n * work well for content-centric websites.\n */\n\n/* You can override the default Infima variables here. */\n:root {\n --ifm-color-primary: #2e8555;\n --ifm-color-primary-dark: #29784c;\n --ifm-color-primary-darker: #277148;\n --ifm-color-primary-darkest: #205d3b;\n --ifm-color-primary-light: #33925d;\n --ifm-color-primary-lighter: #359962;\n --ifm-color-primary-lightest: #3cad6e;\n --ifm-code-font-size: 95%;\n --docusaurus-highlighted-code-line-bg: rgba(0, 0, 0, 0.1);\n}\n\n/* For readability concerns, you should choose a lighter palette in dark mode. */\n[data-theme='dark'] {\n --ifm-color-primary: #25c2a0;\n --ifm-color-primary-dark: #21af90;\n --ifm-color-primary-darker: #1fa588;\n --ifm-color-primary-darkest: #1a8870;\n --ifm-color-primary-light: #29d5b0;\n --ifm-color-primary-lighter: #32d8b4;\n --ifm-color-primary-lightest: #4fddbf;\n --docusaurus-highlighted-code-line-bg: rgba(0, 0, 0, 0.3);\n}\n" }, { "path": "docs/static/.nojekyll", "content": "" }, { "path": "docs/static/index.html", "content": "\n\n \n \n \n \n Your Site Title Here\n \n \n If you are not redirected automatically, follow this\n link.\n \n\n" }, { "path": "examples/a-simple-demo/index.html", "content": "" }, { "path": "examples/a-simple-demo/index.js", "content": "" }, { "path": "examples/readme.md", "content": "# Examples directory\n" }, { "path": "package.json", "content": "{\n \"name\": \"cors.sh\",\n \"version\": \"0.0.0\",\n \"description\": \"The only cors proxy service all you'll ever need.\",\n \"repository\": \"https://github.com/gridaco/cors.sh.git\",\n \"authors\": [\n \"Rob-W\",\n \"hoppscotch\",\n \"softmarshmallow\"\n ],\n \"license\": \"MIT\",\n \"private\": true,\n \"workspaces\": [\n \"web\",\n \"homepage\",\n \"console\",\n \"packages/*\",\n \"packages/editor-ui/packages/*\"\n ],\n \"scripts\": {\n \"homepage\": \"yarn workspace homepage run dev\"\n },\n \"resolutions\": {\n \"@emotion/react\": \"^11.11.1\",\n \"@emotion/styled\": \"^11.11.0\"\n }\n}\n" }, { "path": "packages/api/index.ts", "content": "import Axios, { AxiosInstance, AxiosError } from \"axios\";\n\nconst HOST =\n process.env.NODE_ENV === \"production\"\n ? \"https://services.cors.sh\"\n : \"http://localhost:4021\";\n\nexport class Client {\n private _client: AxiosInstance;\n constructor(credentials: { \"x-cors-service-checkout-session-id\"?: string }) {\n this._client = Axios.create({\n baseURL: HOST,\n headers: {\n ...credentials,\n },\n });\n }\n\n async onboardingWithEmail({ email }: { email: string }) {\n try {\n return (\n await this._client.post(\n \"/onboarding/with-email\",\n { email }\n )\n ).data;\n } catch (e) {\n if (e instanceof AxiosError) {\n switch (e.response?.status) {\n case 409:\n throw new AlreadySignedUp();\n case 429:\n throw new OnboardingApiKeyAlreadyRequested();\n }\n }\n }\n }\n\n async onboardingWithForm({\n name,\n allowedOrigins = [],\n priceId,\n }: {\n name?: string;\n allowedOrigins?: string[];\n priceId?: string;\n }) {\n return (\n await this._client.post(\"/onboarding/with-form\", {\n name: name,\n allowedOrigins: allowedOrigins,\n priceId: priceId,\n })\n ).data;\n }\n\n async getOnboardingApplication(id: string) {\n return (await this._client.get(`/onboarding/${id}`))\n .data;\n }\n\n async convertApplication(onboarding_id: string, checkout_session_id: string) {\n return (\n await this._client.post(\n `/onboarding/${onboarding_id}/convert`,\n {\n checkout_session_id,\n }\n )\n ).data;\n }\n\n async createApplication(\n payload: CreateApplicationRequest\n ): Promise {\n const { data } = await this._client.post(\n \"/applications\",\n payload\n );\n return data;\n }\n\n async getApplication(id: string): Promise {\n return (await this._client.get(`/applications/${id}`))\n .data;\n }\n\n async listApplications(): Promise {\n return (await this._client.get(\"/applications\")).data;\n }\n\n async deleteApplication(id: string) {\n await this._client.delete(`/applications/${id}`);\n }\n\n async updateApplication(id: string, payload: UpdateApplicationRequest) {\n await this._client.put(`/applications/${id}`, payload);\n }\n}\n\n/**\n * client that is used for signing in the user.\n */\nconst _auth_client = Axios.create({\n baseURL: HOST,\n withCredentials: false,\n});\n\n/**\n * sign-in to cors.sh service. the authentication flow is..\n *\n * 1. user sign-in to grida.co (with first pary proxy authentication)\n * 2. user calles this function with the token.\n * 3. services.cors.sh will set the secure http only cookie.\n * 4. use the _signed_client to make future requests.\n * @returns\n */\nexport async function signin({ grida_token }: { grida_token: string }) {\n try {\n return await _auth_client.post(\"/auth/signin\", {\n headers: {\n \"Proxy-Authorization\": `Bearer ${grida_token}`,\n },\n });\n } catch (e) {\n return false;\n }\n}\n\nexport class AlreadySignedUp extends Error {\n constructor() {\n super(\"already signed up\");\n }\n}\n\nexport class OnboardingApiKeyAlreadyRequested extends Error {\n constructor() {\n super(\"onboarding api key already requested\");\n }\n}\n\nexport interface CreateApplicationRequest {\n name: string;\n allowedOrigins: string[];\n}\n\nexport interface Application {\n name: string;\n id: string;\n allowedOrigins: string[];\n}\n\nexport interface OnboardingApplication {\n id: string;\n email: string;\n name?: string;\n allowedOrigins: string[];\n priceId?: string;\n}\n\nexport type ApplicationWithApiKey = Application & {\n apikey_test: string;\n apikey_live: string;\n};\n\nexport type ApplicationDetail = ApplicationWithApiKey;\n\nexport type CreateAplicationResponse = ApplicationWithApiKey;\n\nexport type UpdateApplicationRequest = Application;\n\nexport default new Client({});\n" }, { "path": "packages/api/package.json", "content": "{\n \"name\": \"@cors.sh/service-api\",\n \"version\": \"0.0.0\",\n \"dependencies\": {\n \"axios\": \"^0.27.2\"\n }\n}\n" }, { "path": "packages/app-ui/components/api-key-reveal.tsx", "content": "import React from \"react\";\nimport copy from \"copy-to-clipboard\";\nimport toast from \"react-hot-toast\";\nimport styled from \"@emotion/styled\";\nimport { EyeOpenIcon } from \"@radix-ui/react-icons\";\n\nexport function ApiKeyReveal({\n keys,\n}: {\n keys: { test: string; prod: string };\n}) {\n const [masked, setMasked] = React.useState(true);\n\n const onCopy = (text: string) => {\n copy(text);\n toast.success(\"Copied to clipboard\");\n };\n\n const keydisplay = (key: string, masked: boolean) => {\n if (masked) {\n // leave the first 5 characters as is\n // replace all characters except \"-\" that with x\n const first5 = key.slice(0, 5);\n const target = key.slice(5);\n // replace all characters except \"-\" with x\n const masked = target.replace(/[^-]/g, \"x\");\n return first5 + masked.slice(5);\n } else {\n return key;\n }\n };\n\n const Item = ({ sign: key }: { sign: string }) => {\n return (\n onCopy(key)}>\n {keydisplay(key, masked)}\n
\n \n );\n };\n\n return (\n \n {\n setMasked(false);\n }}\n style={{\n visibility: masked ? \"visible\" : \"hidden\",\n }}\n >\n \n
\n 
\n        API Keys\n        
\n        
\n        # for testing\n        
\n        \n        
\n        
\n        # for production\n        
\n        \n
\n \n );\n}\n\nconst CodeBlock = styled.code`\n position: relative;\n display: block;\n width: 100%;\n padding: 21px;\n background: black;\n color: white;\n border-radius: 4px;\n font-size: 12px;\n font-family: monospace;\n font-weight: 400;\n overflow-x: scroll;\n\n .reveal {\n position: absolute;\n cursor: pointer;\n top: 12px;\n right: 12px;\n opacity: 0;\n transition: opacity 0.2s ease-in-out;\n }\n\n .key {\n cursor: pointer;\n }\n\n pre {\n margin: 0;\n }\n\n &:hover {\n .reveal {\n opacity: 1;\n }\n }\n`;\n" }, { "path": "packages/app-ui/components/index.ts", "content": "export * from \"./underline-button\";\nexport * from \"./api-key-reveal\";\n" }, { "path": "packages/app-ui/components/underline-button.tsx", "content": "import React from \"react\";\nimport styled from \"@emotion/styled\";\n\nexport const UnderlineButton = React.forwardRef(function UnderlineButton({ children }: React.PropsWithChildren<{}>, forwaredRef: React.Ref) {\n return <_Button ref={forwaredRef}>{children};\n})\n\nconst _Button = styled.button`\n background: none;\n border: none;\n padding: 0;\n font: inherit;\n cursor: pointer;\n outline: inherit;\n text-decoration: underline;\n color: rgba(0, 0, 0, 0.5);\n`;\n" }, { "path": "packages/app-ui/layouts/form-page-latout.ts", "content": "\"use client\";\nimport styled from \"@emotion/styled\";\n\nexport const FormPageLayout = styled.div`\n font-family: sans-serif;\n display: flex;\n flex-direction: column;\n margin: auto;\n align-items: center;\n justify-content: center;\n max-width: 320px;\n min-height: 100vh;\n\n h1,\n p {\n text-align: center;\n }\n\n .description {\n margin-top: 16px;\n }\n\n .body {\n display: flex;\n flex-direction: column;\n gap: 21px;\n width: 100%;\n }\n\n .form {\n margin-top: 60px;\n display: flex;\n flex-direction: column;\n gap: 21px;\n width: 100%;\n }\n\n .close {\n position: absolute;\n top: 16px;\n right: 16px;\n margin: 0 !important;\n padding: 4px !important;\n background: none;\n border: none;\n cursor: pointer;\n color: #ccc;\n\n &:hover {\n color: black;\n }\n }\n`;\n" }, { "path": "packages/app-ui/layouts/index.ts", "content": "export * from \"./form-page-latout\";\nexport * from \"./page-close-button\";\n" }, { "path": "packages/app-ui/layouts/page-close-button.tsx", "content": "import React from \"react\";\n// import { useRouter } from \"next/router\";\nimport { Cross2Icon } from \"@radix-ui/react-icons\";\n\nexport function PageCloseButton() {\n // const router = useRouter();\n\n return (\n {\n // router.replace(\"/\");\n }}\n >\n \n \n );\n}\n" }, { "path": "packages/app-ui/package.json", "content": "{\n \"name\": \"@app/ui\",\n \"version\": \"0.0.0\"\n}" }, { "path": "packages/app-ui/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"jsx\": \"react\",\n \"esModuleInterop\": true\n }\n}\n" }, { "path": "packages/app-ui/utils/index.ts", "content": "export const validateUrls = (urls: string) => {\n const lines = urls.split(\",\").map((line) => line.trim());\n for (const line of lines) {\n try {\n new URL(line);\n } catch (e) {\n return false;\n }\n }\n return true;\n};\n" }, { "path": "playground/readme.md", "content": "# cors.sh/playground\n\nVisit [cors.sh/playground](https://cors.sh/playground) to try out the playground.\n\nSource code available at [gridaco/playground.cors.sh](https://github.com/gridaco/playground.cors.sh).\n" }, { "path": "services/auth.proxy.cors.sh/.gitignore", "content": "# package directories\nnode_modules\njspm_packages\n\n# Serverless directories\n.serverless" }, { "path": "services/auth.proxy.cors.sh/deploy/prod.sh", "content": "sls deploy --stage production \\\n --param=\"domain=true\"" }, { "path": "services/auth.proxy.cors.sh/deploy/staging.sh", "content": "sls deploy --stage production \\\n --param=\"domain=true\"" }, { "path": "services/auth.proxy.cors.sh/handler.ts", "content": "// this uses dynamodb to read api key signatures\n// signature types are..\n// tmp - this is not stored in db.\n// live / test - this is stored in db.\n\nconst CORS_API_KEY_HEADER = \"x-cors-api-key\";\n\n// API Gateway authorizer for serverless functions\nmodule.exports.authorize = async (event) => {\n // get the api key from the header\n const key = event.headers[CORS_API_KEY_HEADER];\n // const { mode, signature } = keyinfo(key);\n\n // switch (mode) {\n // case \"temp\": {\n // break;\n // }\n // case \"live\": {\n // break;\n // }\n // case \"test\": {\n // break;\n // }\n // case \"v2022\": {\n // //\n // }\n // }\n\n // Authorized\n return {\n principalId: \"user\",\n policyDocument: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"execute-api:Invoke\",\n Effect: \"Allow\",\n Resource: event.methodArn,\n },\n ],\n },\n\n // Optional context\n context: {\n key,\n },\n\n // Optional output with custom properties of the String, Number or Boolean type.\n usageIdentifierKey: \"123456789\",\n };\n};\n" }, { "path": "services/auth.proxy.cors.sh/package.json", "content": "{\n \"name\": \"auth.proxy.cors.sh\",\n \"version\": \"0.0.0\",\n \"dependencies\": {\n \"aws-sdk\": \"^2.1290.0\"\n }\n}" }, { "path": "services/auth.proxy.cors.sh/readme.md", "content": "# API Authorizer for proxy.cors.sh\n\n## Architecture\n\nThis layer will use the synced key signatures direcly from the table, then proxy.cors.sh will use this as an authorizer.\n\n> The table is managed by the service layer, this layer only performs GetItem.\n\nAccess points are secured by domain, this service's source is safe to be public on github.\n" }, { "path": "services/auth.proxy.cors.sh/serverless.yml", "content": "# Welcome to serverless. Read the docs\n# https://serverless.com/framework/docs/\n\nservice: cors-proxy-authorizer\nuseDotenv: true\ncustom:\n customDomain:\n domainName: auth.proxy.cors.sh\n basePath: \"\"\n stage: ${opt:stage, self:provider.stage}\n createRoute53Record: false\n # enabled only for production - configured by package.json script with --domain flag.\n enabled: ${param:domain, false}\n\n serverless-offline:\n httpPort: 4022\n noPrependStageInUrl: true\n\nprovider:\n name: aws\n memorySize: 128\n runtime: nodejs14.x\n apiGateway:\n shouldStartNameWithService: true\n binaryMediaTypes:\n - \"*/*\"\n endpointType: regional\n region: us-west-1\n environment:\n # managed by service.cors.sh\n DYNAMODB_TABLE_SERVICE_KEYS: \"$cors-proxy-service-keys-${opt:stage, self:provider.stage}\"\n iamRoleStatements:\n - Effect: Allow\n Action:\n # this service only needs to read the service keys\n - dynamodb:GetItem\n Resource: \"arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE_SERVICE_KEYS}\"\n\n# The `functions` block defines what code to deploy\nfunctions:\n api:\n handler: handler.authorize\n maximumEventAge: 60\n maximumRetryAttempts: 0\n timeout: 12\n events:\n - http:\n path: /{proxy+}\n method: any\n - http:\n path: /\n method: get\n\nplugins:\n - serverless-plugin-typescript\n - serverless-plugin-optimize\n - serverless-offline\n - serverless-domain-manager\n" }, { "path": "services/lagacy/.gitignore", "content": "# compiled output\n/dist\n/node_modules\n.build\n# Logs\nlogs\n*.log\nnpm-debug.log*\nyarn-debug.log*\nyarn-error.log*\nlerna-debug.log*\n\n# OS\n.DS_Store\n\n# Tests\n/coverage\n/.nyc_output\n\n# IDEs and editors\n/.idea\n.project\n.classpath\n.c9/\n*.launch\n.settings/\n*.sublime-workspace\n\n# IDE - VSCode\n.vscode/*\n!.vscode/settings.json\n!.vscode/tasks.json\n!.vscode/launch.json\n!.vscode/extensions.json" }, { "path": "services/lagacy/README.md", "content": "# Legacy cors.bridged.cc\n\nAll requests to cors.bridged.cc will be redirected to cors.sh\n\nThis is done by api-gateway in AWS console.\n\nKeep the code as original as the last state of active service\n" }, { "path": "services/lagacy/lib/cors.ts", "content": "import * as httpProxy from \"http-proxy\";\nimport * as https from \"https\";\nimport * as http from \"http\";\nimport * as url from \"url\";\nimport { getProxyForUrl } from \"proxy-from-env\";\nimport { withCORS, isValidHostName, parseURL } from \"./utils\";\n\ninterface OptionParams {\n httpProxyOptions: httpProxy.ServerOptions;\n httpsOptions?: https.ServerOptions;\n [x: string]: any;\n}\n\nfunction proxyRequest(req, res, proxy) {\n var location = req.corsAnywhereRequestState.location;\n req.url = location.path;\n\n var proxyOptions: any = {\n changeOrigin: false,\n prependPath: false,\n target: location,\n headers: {\n host: location.host,\n },\n buffer: {\n pipe: function(proxyReq) {\n var proxyReqOn = proxyReq.on;\n proxyReq.on = function(eventName, listener) {\n if (eventName !== \"response\") {\n return proxyReqOn.call(this, eventName, listener);\n }\n return proxyReqOn.call(this, \"response\", function(proxyRes) {\n if (onProxyResponse(proxy, proxyReq, proxyRes, req, res)) {\n try {\n listener(proxyRes);\n } catch (err) {\n proxyReq.emit(\"error\", err);\n }\n }\n });\n };\n return req.pipe(proxyReq);\n },\n },\n };\n\n var proxyThroughUrl = req.corsAnywhereRequestState.getProxyForUrl(\n location.href\n );\n if (proxyThroughUrl) {\n proxyOptions.target = proxyThroughUrl;\n proxyOptions.toProxy = true;\n req.url = location.href;\n }\n\n try {\n proxy.web(req, res, proxyOptions);\n } catch (err) {\n proxy.emit(\"error\", err, req, res);\n }\n}\n\nfunction onProxyResponse(proxy, proxyReq, proxyRes, req, res) {\n var requestState = req.corsAnywhereRequestState;\n\n var statusCode = proxyRes.statusCode;\n\n if (!requestState.redirectCount_) {\n res.setHeader(\"x-request-url\", requestState.location.href);\n }\n if (\n statusCode === 301 ||\n statusCode === 302 ||\n statusCode === 303 ||\n statusCode === 307 ||\n statusCode === 308\n ) {\n var locationHeader = proxyRes.headers.location;\n var parsedLocation;\n if (locationHeader) {\n locationHeader = url.resolve(requestState.location.href, locationHeader);\n parsedLocation = parseURL(locationHeader);\n }\n if (parsedLocation) {\n if (statusCode === 301 || statusCode === 302 || statusCode === 303) {\n requestState.redirectCount_ = requestState.redirectCount_ + 1 || 1;\n if (requestState.redirectCount_ <= requestState.maxRedirects) {\n res.setHeader(\n \"X-CORS-Redirect-\" + requestState.redirectCount_,\n statusCode + \" \" + locationHeader\n );\n\n req.method = \"GET\";\n req.headers[\"content-length\"] = \"0\";\n delete req.headers[\"content-type\"];\n requestState.location = parsedLocation;\n req.removeAllListeners();\n proxyReq.removeAllListeners(\"error\");\n proxyReq.once(\"error\", function catchAndIgnoreError() {});\n proxyReq.abort();\n proxyRequest(req, res, proxy);\n return false;\n }\n }\n proxyRes.headers.location =\n requestState.proxyBaseUrl + \"/\" + locationHeader;\n }\n }\n\n delete proxyRes.headers[\"set-cookie\"];\n delete proxyRes.headers[\"set-cookie2\"];\n\n proxyRes.headers[\"x-final-url\"] = requestState.location.href;\n withCORS(proxyRes.headers, req);\n return true;\n}\n\nfunction getHandler(options, proxy) {\n var corsAnywhere: any = {\n getProxyForUrl: getProxyForUrl, // Function that specifies the proxy to use\n maxRedirects: 5, // Maximum number of redirects to be followed.\n originBlacklist: [], // Requests from these origins will be blocked.\n originWhitelist: [], // If non-empty, requests not from an origin in this list will be blocked.\n checkRateLimit: null, // Function that may enforce a rate-limit by returning a non-empty string.\n redirectSameOrigin: false, // Redirect the client to the requested URL for same-origin requests.\n requireHeader: null, // Require a header to be set?\n removeHeaders: [], // Strip these request headers.\n setHeaders: {}, // Set these request headers.\n corsMaxAge: 0, // If set, an Access-Control-Max-Age header with this value (in seconds) will be added.\n helpFile: __dirname + \"/help.txt\",\n };\n\n Object.keys(corsAnywhere).forEach(function(option) {\n if (Object.prototype.hasOwnProperty.call(options, option)) {\n corsAnywhere[option] = options[option];\n }\n });\n if (corsAnywhere.requireHeader) {\n if (typeof corsAnywhere.requireHeader === \"string\") {\n corsAnywhere.requireHeader = [corsAnywhere.requireHeader.toLowerCase()];\n } else if (\n !Array.isArray(corsAnywhere.requireHeader) ||\n corsAnywhere.requireHeader.length === 0\n ) {\n corsAnywhere.requireHeader = null;\n } else {\n corsAnywhere.requireHeader = corsAnywhere.requireHeader.map(function(\n headerName\n ) {\n return headerName.toLowerCase();\n });\n }\n }\n var hasRequiredHeaders = function(headers) {\n return (\n !corsAnywhere.requireHeader ||\n corsAnywhere.requireHeader.some(function(headerName) {\n return Object.hasOwnProperty.call(headers, headerName);\n })\n );\n };\n\n return function(req, res) {\n req.corsAnywhereRequestState = {\n getProxyForUrl: corsAnywhere.getProxyForUrl,\n maxRedirects: corsAnywhere.maxRedirects,\n corsMaxAge: corsAnywhere.corsMaxAge,\n };\n\n var cors_headers = withCORS({}, req);\n if (req.method === \"OPTIONS\") {\n res.writeHead(200, cors_headers);\n res.end();\n return;\n }\n\n var location: any = parseURL(req.url.slice(1));\n\n if (location.host === \"iscorsneeded\") {\n res.writeHead(200, { \"Content-Type\": \"text/plain\" });\n res.end(\"no\");\n return;\n }\n\n if (location.port > 65535) {\n res.writeHead(400, \"Invalid port\", cors_headers);\n res.end(\"Port number too large: \" + location.port);\n return;\n }\n\n if (!/^\\/https?:/.test(req.url) && !isValidHostName(location.hostname)) {\n res.writeHead(404, \"Invalid host\", cors_headers);\n res.end(\"Invalid host: \" + location.hostname);\n return;\n }\n\n if (!hasRequiredHeaders(req.headers)) {\n res.writeHead(400, \"Header required\", cors_headers);\n res.end(\n \"Missing required request header. Must specify one of: \" +\n corsAnywhere.requireHeader\n );\n return;\n }\n\n var origin = req.headers.origin || \"\";\n if (corsAnywhere.originBlacklist.indexOf(origin) >= 0) {\n res.writeHead(403, \"Forbidden\", cors_headers);\n res.end(\n 'The origin \"' +\n origin +\n '\" was blacklisted by the operator of this proxy.'\n );\n return;\n }\n\n if (\n corsAnywhere.originWhitelist.length &&\n corsAnywhere.originWhitelist.indexOf(origin) === -1\n ) {\n res.writeHead(403, \"Forbidden\", cors_headers);\n res.end(\n 'The origin \"' +\n origin +\n '\" was not whitelisted by the operator of this proxy.'\n );\n return;\n }\n\n var rateLimitMessage =\n corsAnywhere.checkRateLimit && corsAnywhere.checkRateLimit(origin);\n if (rateLimitMessage) {\n res.writeHead(429, \"Too Many Requests\", cors_headers);\n res.end(\n 'The origin \"' +\n origin +\n '\" has sent too many requests.\\n' +\n rateLimitMessage\n );\n return;\n }\n\n if (\n corsAnywhere.redirectSameOrigin &&\n origin &&\n location.href[origin.length] === \"/\" &&\n location.href.lastIndexOf(origin, 0) === 0\n ) {\n cors_headers.vary = \"origin\";\n cors_headers[\"cache-control\"] = \"private\";\n cors_headers.location = location.href;\n res.writeHead(301, \"Please use a direct request\", cors_headers);\n res.end();\n return;\n }\n\n var isRequestedOverHttps =\n req.connection.encrypted ||\n /^\\s*https/.test(req.headers[\"x-forwarded-proto\"]);\n var proxyBaseUrl =\n (isRequestedOverHttps ? \"https://\" : \"http://\") + req.headers.host;\n\n corsAnywhere.removeHeaders.forEach(function(header) {\n delete req.headers[header];\n });\n\n Object.keys(corsAnywhere.setHeaders).forEach(function(header) {\n req.headers[header] = corsAnywhere.setHeaders[header];\n });\n\n req.corsAnywhereRequestState.location = location;\n req.corsAnywhereRequestState.proxyBaseUrl = proxyBaseUrl;\n\n proxyRequest(req, res, proxy);\n };\n}\n\nexport const createServer = (options: OptionParams) => {\n var server: https.Server | http.Server;\n var httpProxyOptions: httpProxy.ServerOptions = {\n xfwd: true, // Append X-Forwarded-* headers\n };\n\n options = options || {};\n\n if (options.httpProxyOptions) {\n Object.keys(options.httpProxyOptions).forEach(function(option) {\n httpProxyOptions[option] = options.httpProxyOptions[option];\n });\n }\n\n var proxy: httpProxy = httpProxy.createServer(httpProxyOptions);\n var requestHandler = getHandler(options, proxy);\n if (options.httpsOptions) {\n server = https.createServer(options.httpsOptions, requestHandler);\n } else {\n server = http.createServer(requestHandler);\n }\n\n proxy.on(\"error\", function(\n err: Error,\n _: http.IncomingMessage,\n res: http.ServerResponse\n ) {\n if (res.headersSent) {\n if (res.writableEnded === false) {\n res.end();\n }\n return;\n }\n var headerNames = res.getHeaderNames\n ? res.getHeaderNames()\n : //@ts-ignore\n Object.keys(res._headers || {});\n headerNames.forEach(function(name) {\n res.removeHeader(name);\n });\n\n res.writeHead(404, { \"Access-Control-Allow-Origin\": \"*\" });\n res.end(\"Not found because of proxy error: \" + err);\n });\n return server;\n};\n" }, { "path": "services/lagacy/lib/utils.ts", "content": "import * as net from \"net\";\nimport * as url from \"url\";\n\nexport const regexp = /\\.(?:AAA|AARP|ABARTH|ABB|ABBOTT|ABBVIE|ABC|ABLE|ABOGADO|ABUDHABI|AC|ACADEMY|ACCENTURE|ACCOUNTANT|ACCOUNTANTS|ACO|ACTIVE|ACTOR|AD|ADAC|ADS|ADULT|AE|AEG|AERO|AETNA|AF|AFAMILYCOMPANY|AFL|AFRICA|AG|AGAKHAN|AGENCY|AI|AIG|AIGO|AIRBUS|AIRFORCE|AIRTEL|AKDN|AL|ALFAROMEO|ALIBABA|ALIPAY|ALLFINANZ|ALLSTATE|ALLY|ALSACE|ALSTOM|AM|AMERICANEXPRESS|AMERICANFAMILY|AMEX|AMFAM|AMICA|AMSTERDAM|ANALYTICS|ANDROID|ANQUAN|ANZ|AO|AOL|APARTMENTS|APP|APPLE|AQ|AQUARELLE|AR|ARAB|ARAMCO|ARCHI|ARMY|ARPA|ART|ARTE|AS|ASDA|ASIA|ASSOCIATES|AT|ATHLETA|ATTORNEY|AU|AUCTION|AUDI|AUDIBLE|AUDIO|AUSPOST|AUTHOR|AUTO|AUTOS|AVIANCA|AW|AWS|AX|AXA|AZ|AZURE|BA|BABY|BAIDU|BANAMEX|BANANAREPUBLIC|BAND|BANK|BAR|BARCELONA|BARCLAYCARD|BARCLAYS|BAREFOOT|BARGAINS|BASEBALL|BASKETBALL|BAUHAUS|BAYERN|BB|BBC|BBT|BBVA|BCG|BCN|BD|BE|BEATS|BEAUTY|BEER|BENTLEY|BERLIN|BEST|BESTBUY|BET|BF|BG|BH|BHARTI|BI|BIBLE|BID|BIKE|BING|BINGO|BIO|BIZ|BJ|BLACK|BLACKFRIDAY|BLANCO|BLOCKBUSTER|BLOG|BLOOMBERG|BLUE|BM|BMS|BMW|BN|BNL|BNPPARIBAS|BO|BOATS|BOEHRINGER|BOFA|BOM|BOND|BOO|BOOK|BOOKING|BOOTS|BOSCH|BOSTIK|BOSTON|BOT|BOUTIQUE|BOX|BR|BRADESCO|BRIDGESTONE|BROADWAY|BROKER|BROTHER|BRUSSELS|BS|BT|BUDAPEST|BUGATTI|BUILD|BUILDERS|BUSINESS|BUY|BUZZ|BV|BW|BY|BZ|BZH|CA|CAB|CAFE|CAL|CALL|CALVINKLEIN|CAM|CAMERA|CAMP|CANCERRESEARCH|CANON|CAPETOWN|CAPITAL|CAPITALONE|CAR|CARAVAN|CARDS|CARE|CAREER|CAREERS|CARS|CARTIER|CASA|CASE|CASEIH|CASH|CASINO|CAT|CATERING|CATHOLIC|CBA|CBN|CBRE|CBS|CC|CD|CEB|CENTER|CEO|CERN|CF|CFA|CFD|CG|CH|CHANEL|CHANNEL|CHASE|CHAT|CHEAP|CHINTAI|CHRISTMAS|CHROME|CHRYSLER|CHURCH|CI|CIPRIANI|CIRCLE|CISCO|CITADEL|CITI|CITIC|CITY|CITYEATS|CK|CL|CLAIMS|CLEANING|CLICK|CLINIC|CLINIQUE|CLOTHING|CLOUD|CLUB|CLUBMED|CM|CN|CO|COACH|CODES|COFFEE|COLLEGE|COLOGNE|COM|COMCAST|COMMBANK|COMMUNITY|COMPANY|COMPARE|COMPUTER|COMSEC|CONDOS|CONSTRUCTION|CONSULTING|CONTACT|CONTRACTORS|COOKING|COOKINGCHANNEL|COOL|COOP|CORSICA|COUNTRY|COUPON|COUPONS|COURSES|CR|CREDIT|CREDITCARD|CREDITUNION|CRICKET|CROWN|CRS|CRUISE|CRUISES|CSC|CU|CUISINELLA|CV|CW|CX|CY|CYMRU|CYOU|CZ|DABUR|DAD|DANCE|DATA|DATE|DATING|DATSUN|DAY|DCLK|DDS|DE|DEAL|DEALER|DEALS|DEGREE|DELIVERY|DELL|DELOITTE|DELTA|DEMOCRAT|DENTAL|DENTIST|DESI|DESIGN|DEV|DHL|DIAMONDS|DIET|DIGITAL|DIRECT|DIRECTORY|DISCOUNT|DISCOVER|DISH|DIY|DJ|DK|DM|DNP|DO|DOCS|DOCTOR|DODGE|DOG|DOHA|DOMAINS|DOT|DOWNLOAD|DRIVE|DTV|DUBAI|DUCK|DUNLOP|DUNS|DUPONT|DURBAN|DVAG|DVR|DZ|EARTH|EAT|EC|ECO|EDEKA|EDU|EDUCATION|EE|EG|EMAIL|EMERCK|ENERGY|ENGINEER|ENGINEERING|ENTERPRISES|EPOST|EPSON|EQUIPMENT|ER|ERICSSON|ERNI|ES|ESQ|ESTATE|ESURANCE|ET|ETISALAT|EU|EUROVISION|EUS|EVENTS|EVERBANK|EXCHANGE|EXPERT|EXPOSED|EXPRESS|EXTRASPACE|FAGE|FAIL|FAIRWINDS|FAITH|FAMILY|FAN|FANS|FARM|FARMERS|FASHION|FAST|FEDEX|FEEDBACK|FERRARI|FERRERO|FI|FIAT|FIDELITY|FIDO|FILM|FINAL|FINANCE|FINANCIAL|FIRE|FIRESTONE|FIRMDALE|FISH|FISHING|FIT|FITNESS|FJ|FK|FLICKR|FLIGHTS|FLIR|FLORIST|FLOWERS|FLY|FM|FO|FOO|FOOD|FOODNETWORK|FOOTBALL|FORD|FOREX|FORSALE|FORUM|FOUNDATION|FOX|FR|FREE|FRESENIUS|FRL|FROGANS|FRONTDOOR|FRONTIER|FTR|FUJITSU|FUJIXEROX|FUN|FUND|FURNITURE|FUTBOL|FYI|GA|GAL|GALLERY|GALLO|GALLUP|GAME|GAMES|GAP|GARDEN|GB|GBIZ|GD|GDN|GE|GEA|GENT|GENTING|GEORGE|GF|GG|GGEE|GH|GI|GIFT|GIFTS|GIVES|GIVING|GL|GLADE|GLASS|GLE|GLOBAL|GLOBO|GM|GMAIL|GMBH|GMO|GMX|GN|GODADDY|GOLD|GOLDPOINT|GOLF|GOO|GOODHANDS|GOODYEAR|GOOG|GOOGLE|GOP|GOT|GOV|GP|GQ|GR|GRAINGER|GRAPHICS|GRATIS|GREEN|GRIPE|GROCERY|GROUP|GS|GT|GU|GUARDIAN|GUCCI|GUGE|GUIDE|GUITARS|GURU|GW|GY|HAIR|HAMBURG|HANGOUT|HAUS|HBO|HDFC|HDFCBANK|HEALTH|HEALTHCARE|HELP|HELSINKI|HERE|HERMES|HGTV|HIPHOP|HISAMITSU|HITACHI|HIV|HK|HKT|HM|HN|HOCKEY|HOLDINGS|HOLIDAY|HOMEDEPOT|HOMEGOODS|HOMES|HOMESENSE|HONDA|HONEYWELL|HORSE|HOSPITAL|HOST|HOSTING|HOT|HOTELES|HOTELS|HOTMAIL|HOUSE|HOW|HR|HSBC|HT|HU|HUGHES|HYATT|HYUNDAI|IBM|ICBC|ICE|ICU|ID|IE|IEEE|IFM|IKANO|IL|IM|IMAMAT|IMDB|IMMO|IMMOBILIEN|IN|INDUSTRIES|INFINITI|INFO|ING|INK|INSTITUTE|INSURANCE|INSURE|INT|INTEL|INTERNATIONAL|INTUIT|INVESTMENTS|IO|IPIRANGA|IQ|IR|IRISH|IS|ISELECT|ISMAILI|IST|ISTANBUL|IT|ITAU|ITV|IVECO|IWC|JAGUAR|JAVA|JCB|JCP|JE|JEEP|JETZT|JEWELRY|JIO|JLC|JLL|JM|JMP|JNJ|JO|JOBS|JOBURG|JOT|JOY|JP|JPMORGAN|JPRS|JUEGOS|JUNIPER|KAUFEN|KDDI|KE|KERRYHOTELS|KERRYLOGISTICS|KERRYPROPERTIES|KFH|KG|KH|KI|KIA|KIM|KINDER|KINDLE|KITCHEN|KIWI|KM|KN|KOELN|KOMATSU|KOSHER|KP|KPMG|KPN|KR|KRD|KRED|KUOKGROUP|KW|KY|KYOTO|KZ|LA|LACAIXA|LADBROKES|LAMBORGHINI|LAMER|LANCASTER|LANCIA|LANCOME|LAND|LANDROVER|LANXESS|LASALLE|LAT|LATINO|LATROBE|LAW|LAWYER|LB|LC|LDS|LEASE|LECLERC|LEFRAK|LEGAL|LEGO|LEXUS|LGBT|LI|LIAISON|LIDL|LIFE|LIFEINSURANCE|LIFESTYLE|LIGHTING|LIKE|LILLY|LIMITED|LIMO|LINCOLN|LINDE|LINK|LIPSY|LIVE|LIVING|LIXIL|LK|LOAN|LOANS|LOCKER|LOCUS|LOFT|LOL|LONDON|LOTTE|LOTTO|LOVE|LPL|LPLFINANCIAL|LR|LS|LT|LTD|LTDA|LU|LUNDBECK|LUPIN|LUXE|LUXURY|LV|LY|MA|MACYS|MADRID|MAIF|MAISON|MAKEUP|MAN|MANAGEMENT|MANGO|MAP|MARKET|MARKETING|MARKETS|MARRIOTT|MARSHALLS|MASERATI|MATTEL|MBA|MC|MCKINSEY|MD|ME|MED|MEDIA|MEET|MELBOURNE|MEME|MEMORIAL|MEN|MENU|MEO|MERCKMSD|METLIFE|MG|MH|MIAMI|MICROSOFT|MIL|MINI|MINT|MIT|MITSUBISHI|MK|ML|MLB|MLS|MM|MMA|MN|MO|MOBI|MOBILE|MOBILY|MODA|MOE|MOI|MOM|MONASH|MONEY|MONSTER|MOPAR|MORMON|MORTGAGE|MOSCOW|MOTO|MOTORCYCLES|MOV|MOVIE|MOVISTAR|MP|MQ|MR|MS|MSD|MT|MTN|MTR|MU|MUSEUM|MUTUAL|MV|MW|MX|MY|MZ|NA|NAB|NADEX|NAGOYA|NAME|NATIONWIDE|NATURA|NAVY|NBA|NC|NE|NEC|NET|NETBANK|NETFLIX|NETWORK|NEUSTAR|NEW|NEWHOLLAND|NEWS|NEXT|NEXTDIRECT|NEXUS|NF|NFL|NG|NGO|NHK|NI|NICO|NIKE|NIKON|NINJA|NISSAN|NISSAY|NL|NO|NOKIA|NORTHWESTERNMUTUAL|NORTON|NOW|NOWRUZ|NOWTV|NP|NR|NRA|NRW|NTT|NU|NYC|NZ|OBI|OBSERVER|OFF|OFFICE|OKINAWA|OLAYAN|OLAYANGROUP|OLDNAVY|OLLO|OM|OMEGA|ONE|ONG|ONL|ONLINE|ONYOURSIDE|OOO|OPEN|ORACLE|ORANGE|ORG|ORGANIC|ORIGINS|OSAKA|OTSUKA|OTT|OVH|PA|PAGE|PANASONIC|PANERAI|PARIS|PARS|PARTNERS|PARTS|PARTY|PASSAGENS|PAY|PCCW|PE|PET|PF|PFIZER|PG|PH|PHARMACY|PHD|PHILIPS|PHONE|PHOTO|PHOTOGRAPHY|PHOTOS|PHYSIO|PIAGET|PICS|PICTET|PICTURES|PID|PIN|PING|PINK|PIONEER|PIZZA|PK|PL|PLACE|PLAY|PLAYSTATION|PLUMBING|PLUS|PM|PN|PNC|POHL|POKER|POLITIE|PORN|POST|PR|PRAMERICA|PRAXI|PRESS|PRIME|PRO|PROD|PRODUCTIONS|PROF|PROGRESSIVE|PROMO|PROPERTIES|PROPERTY|PROTECTION|PRU|PRUDENTIAL|PS|PT|PUB|PW|PWC|PY|QA|QPON|QUEBEC|QUEST|QVC|RACING|RADIO|RAID|RE|READ|REALESTATE|REALTOR|REALTY|RECIPES|RED|REDSTONE|REDUMBRELLA|REHAB|REISE|REISEN|REIT|RELIANCE|REN|RENT|RENTALS|REPAIR|REPORT|REPUBLICAN|REST|RESTAURANT|REVIEW|REVIEWS|REXROTH|RICH|RICHARDLI|RICOH|RIGHTATHOME|RIL|RIO|RIP|RMIT|RO|ROCHER|ROCKS|RODEO|ROGERS|ROOM|RS|RSVP|RU|RUGBY|RUHR|RUN|RW|RWE|RYUKYU|SA|SAARLAND|SAFE|SAFETY|SAKURA|SALE|SALON|SAMSCLUB|SAMSUNG|SANDVIK|SANDVIKCOROMANT|SANOFI|SAP|SAPO|SARL|SAS|SAVE|SAXO|SB|SBI|SBS|SC|SCA|SCB|SCHAEFFLER|SCHMIDT|SCHOLARSHIPS|SCHOOL|SCHULE|SCHWARZ|SCIENCE|SCJOHNSON|SCOR|SCOT|SD|SE|SEARCH|SEAT|SECURE|SECURITY|SEEK|SELECT|SENER|SERVICES|SES|SEVEN|SEW|SEX|SEXY|SFR|SG|SH|SHANGRILA|SHARP|SHAW|SHELL|SHIA|SHIKSHA|SHOES|SHOP|SHOPPING|SHOUJI|SHOW|SHOWTIME|SHRIRAM|SI|SILK|SINA|SINGLES|SITE|SJ|SK|SKI|SKIN|SKY|SKYPE|SL|SLING|SM|SMART|SMILE|SN|SNCF|SO|SOCCER|SOCIAL|SOFTBANK|SOFTWARE|SOHU|SOLAR|SOLUTIONS|SONG|SONY|SOY|SPACE|SPIEGEL|SPOT|SPREADBETTING|SR|SRL|SRT|ST|STADA|STAPLES|STAR|STARHUB|STATEBANK|STATEFARM|STATOIL|STC|STCGROUP|STOCKHOLM|STORAGE|STORE|STREAM|STUDIO|STUDY|STYLE|SU|SUCKS|SUPPLIES|SUPPLY|SUPPORT|SURF|SURGERY|SUZUKI|SV|SWATCH|SWIFTCOVER|SWISS|SX|SY|SYDNEY|SYMANTEC|SYSTEMS|SZ|TAB|TAIPEI|TALK|TAOBAO|TARGET|TATAMOTORS|TATAR|TATTOO|TAX|TAXI|TC|TCI|TD|TDK|TEAM|TECH|TECHNOLOGY|TEL|TELECITY|TELEFONICA|TEMASEK|TENNIS|TEVA|TF|TG|TH|THD|THEATER|THEATRE|TIAA|TICKETS|TIENDA|TIFFANY|TIPS|TIRES|TIROL|TJ|TJMAXX|TJX|TK|TKMAXX|TL|TM|TMALL|TN|TO|TODAY|TOKYO|TOOLS|TOP|TORAY|TOSHIBA|TOTAL|TOURS|TOWN|TOYOTA|TOYS|TR|TRADE|TRADING|TRAINING|TRAVEL|TRAVELCHANNEL|TRAVELERS|TRAVELERSINSURANCE|TRUST|TRV|TT|TUBE|TUI|TUNES|TUSHU|TV|TVS|TW|TZ|UA|UBANK|UBS|UCONNECT|UG|UK|UNICOM|UNIVERSITY|UNO|UOL|UPS|US|UY|UZ|VA|VACATIONS|VANA|VANGUARD|VC|VE|VEGAS|VENTURES|VERISIGN|VERSICHERUNG|VET|VG|VI|VIAJES|VIDEO|VIG|VIKING|VILLAS|VIN|VIP|VIRGIN|VISA|VISION|VISTA|VISTAPRINT|VIVA|VIVO|VLAANDEREN|VN|VODKA|VOLKSWAGEN|VOLVO|VOTE|VOTING|VOTO|VOYAGE|VU|VUELOS|WALES|WALMART|WALTER|WANG|WANGGOU|WARMAN|WATCH|WATCHES|WEATHER|WEATHERCHANNEL|WEBCAM|WEBER|WEBSITE|WED|WEDDING|WEIBO|WEIR|WF|WHOSWHO|WIEN|WIKI|WILLIAMHILL|WIN|WINDOWS|WINE|WINNERS|WME|WOLTERSKLUWER|WOODSIDE|WORK|WORKS|WORLD|WOW|WS|WTC|WTF|XBOX|XEROX|XFINITY|XIHUAN|XIN|XN--11B4C3D|XN--1CK2E1B|XN--1QQW23A|XN--2SCRJ9C|XN--30RR7Y|XN--3BST00M|XN--3DS443G|XN--3E0B707E|XN--3HCRJ9C|XN--3OQ18VL8PN36A|XN--3PXU8K|XN--42C2D9A|XN--45BR5CYL|XN--45BRJ9C|XN--45Q11C|XN--4GBRIM|XN--54B7FTA0CC|XN--55QW42G|XN--55QX5D|XN--5SU34J936BGSG|XN--5TZM5G|XN--6FRZ82G|XN--6QQ986B3XL|XN--80ADXHKS|XN--80AO21A|XN--80AQECDR1A|XN--80ASEHDB|XN--80ASWG|XN--8Y0A063A|XN--90A3AC|XN--90AE|XN--90AIS|XN--9DBQ2A|XN--9ET52U|XN--9KRT00A|XN--B4W605FERD|XN--BCK1B9A5DRE4C|XN--C1AVG|XN--C2BR7G|XN--CCK2B3B|XN--CG4BKI|XN--CLCHC0EA0B2G2A9GCD|XN--CZR694B|XN--CZRS0T|XN--CZRU2D|XN--D1ACJ3B|XN--D1ALF|XN--E1A4C|XN--ECKVDTC9D|XN--EFVY88H|XN--ESTV75G|XN--FCT429K|XN--FHBEI|XN--FIQ228C5HS|XN--FIQ64B|XN--FIQS8S|XN--FIQZ9S|XN--FJQ720A|XN--FLW351E|XN--FPCRJ9C3D|XN--FZC2C9E2C|XN--FZYS8D69UVGM|XN--G2XX48C|XN--GCKR3F0F|XN--GECRJ9C|XN--GK3AT1E|XN--H2BREG3EVE|XN--H2BRJ9C|XN--H2BRJ9C8C|XN--HXT814E|XN--I1B6B1A6A2E|XN--IMR513N|XN--IO0A7I|XN--J1AEF|XN--J1AMH|XN--J6W193G|XN--JLQ61U9W7B|XN--JVR189M|XN--KCRX77D1X4A|XN--KPRW13D|XN--KPRY57D|XN--KPU716F|XN--KPUT3I|XN--L1ACC|XN--LGBBAT1AD8J|XN--MGB9AWBF|XN--MGBA3A3EJT|XN--MGBA3A4F16A|XN--MGBA7C0BBN0A|XN--MGBAAKC7DVF|XN--MGBAAM7A8H|XN--MGBAB2BD|XN--MGBAI9AZGQP6J|XN--MGBAYH7GPA|XN--MGBB9FBPOB|XN--MGBBH1A|XN--MGBBH1A71E|XN--MGBC0A9AZCG|XN--MGBCA7DZDO|XN--MGBERP4A5D4AR|XN--MGBGU82A|XN--MGBI4ECEXP|XN--MGBPL2FH|XN--MGBT3DHD|XN--MGBTX2B|XN--MGBX4CD0AB|XN--MIX891F|XN--MK1BU44C|XN--MXTQ1M|XN--NGBC5AZD|XN--NGBE9E0A|XN--NGBRX|XN--NODE|XN--NQV7F|XN--NQV7FS00EMA|XN--NYQY26A|XN--O3CW4H|XN--OGBPF8FL|XN--P1ACF|XN--P1AI|XN--PBT977C|XN--PGBS0DH|XN--PSSY2U|XN--Q9JYB4C|XN--QCKA1PMC|XN--QXAM|XN--RHQV96G|XN--ROVU88B|XN--RVC1E0AM3E|XN--S9BRJ9C|XN--SES554G|XN--T60B56A|XN--TCKWE|XN--TIQ49XQYJ|XN--UNUP4Y|XN--VERMGENSBERATER-CTB|XN--VERMGENSBERATUNG-PWB|XN--VHQUV|XN--VUQ861B|XN--W4R85EL8FHU5DNRA|XN--W4RS40L|XN--WGBH1C|XN--WGBL6A|XN--XHQ521B|XN--XKC2AL3HYE2A|XN--XKC2DL3A5EE0H|XN--Y9A3AQ|XN--YFRO4I67O|XN--YGBI2AMMX|XN--ZFR164B|XPERIA|XXX|XYZ|YACHTS|YAHOO|YAMAXUN|YANDEX|YE|YODOBASHI|YOGA|YOKOHAMA|YOU|YOUTUBE|YT|YUN|ZA|ZAPPOS|ZARA|ZERO|ZIP|ZIPPO|ZM|ZONE|ZUERICH|ZW)$/i;\n\nexport const withCORS = (headers, request) => {\n headers[\"access-control-allow-origin\"] = \"*\";\n\n\n var corsMaxAge = request.corsAnywhereRequestState.corsMaxAge;\n if (request.method === \"OPTIONS\" && corsMaxAge) {\n headers[\"access-control-max-age\"] = corsMaxAge;\n }\n if (request.headers[\"access-control-request-method\"]) {\n headers[\"access-control-allow-methods\"] =\n request.headers[\"access-control-request-method\"];\n delete request.headers[\"access-control-request-method\"];\n }\n if (request.headers[\"access-control-request-headers\"]) {\n headers[\"access-control-allow-headers\"] =\n request.headers[\"access-control-request-headers\"];\n delete request.headers[\"access-control-request-headers\"];\n }\n\n headers[\"access-control-expose-headers\"] = Object.keys(headers).join(\",\");\n\n return headers;\n};\n\nexport const isValidHostName = hostname => {\n return !!(\n regexp.test(hostname) ||\n net.isIPv4(hostname) ||\n net.isIPv6(hostname)\n );\n};\n\nexport const parseURL = req_url => {\n var match = req_url.match(\n /^(?:(https?:)?\\/\\/)?(([^\\/?]+?)(?::(\\d{0,5})(?=[\\/?]|$))?)([\\/?][\\S\\s]*|$)/i\n );\n if (!match) {\n return null;\n }\n if (!match[1]) {\n if (/^https?:/i.test(req_url)) {\n return null;\n }\n if (req_url.lastIndexOf(\"//\", 0) === -1) {\n req_url = \"//\" + req_url;\n }\n req_url = (match[4] === \"443\" ? \"https:\" : \"http:\") + req_url;\n }\n var parsed = url.parse(req_url);\n if (!parsed.hostname) {\n return null;\n }\n return parsed;\n};\n" }, { "path": "services/lagacy/package.json", "content": "{\n \"name\": \"cors.bridged.cc\",\n \"description\": \"free cors service for everyone\",\n \"version\": \"0.1.0\",\n \"scripts\": {\n \"deploy:prod\": \"sls deploy\",\n \"dev\": \"sls offline start\"\n },\n \"dependencies\": {\n \"aws-serverless-express\": \"^3.4.0\",\n \"dynamoose\": \"^2.7.3\",\n \"express\": \"^4.17.1\",\n \"express-useragent\": \"^1.0.15\",\n \"http-proxy\": \"^1.18.1\",\n \"moment\": \"^2.29.1\",\n \"nanoid\": \"^3.1.23\",\n \"proxy-from-env\": \"^1.1.0\",\n \"response-time\": \"^2.3.2\",\n \"serverless-http\": \"^2.7.0\"\n },\n \"devDependencies\": {\n \"@hewmen/serverless-plugin-typescript\": \"^1.1.17\",\n \"@types/aws-lambda\": \"^8.10.71\",\n \"@types/express\": \"^4.17.11\",\n \"@types/http-proxy\": \"^1.17.5\",\n \"@types/node\": \"^14.14.25\",\n \"@types/proxy-from-env\": \"^1.0.1\",\n \"@types/response-time\": \"^2.3.4\",\n \"serverless\": \"^2.22.0\",\n \"serverless-domain-manager\": \"^5.1.0\",\n \"serverless-dynamodb-local\": \"^0.2.39\",\n \"serverless-offline\": \"^6.8.0\",\n \"serverless-plugin-dynamo-autoscaling\": \"^1.0.1\",\n \"serverless-plugin-optimize\": \"^4.1.4-rc.1\",\n \"typescript\": \"^4.1.3\"\n }\n}" }, { "path": "services/lagacy/serverless.yml", "content": "# Welcome to serverless. Read the docs\n# https://serverless.com/framework/docs/\nframeworkVersion: \"2\"\nservice: cors\nuseDotenv: true\ncustom:\n customDomain:\n # legacy. won't support in the future\n domainName: cors.bridged.cc\n basePath: \"\"\n stage: ${self:provider.stage}\n createRoute53Record: true\n # - http:\n # domainName: cors.grida.cc\n # basePath: \"\"\n # stage: \"production\"\n # createRoute53Record: true\n\n serverless-offline:\n httpPort: 4012\n\nprovider:\n name: aws\n memorySize: 128\n runtime: nodejs12.x\n apiGateway:\n shouldStartNameWithService: true\n binaryMediaTypes:\n - \"*/*\"\n endpointType: regional\n region: us-west-1\n environment:\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n DYNAMODB_TABLE_USAGE_LOG: \"${self:service}-usage-log-${opt:stage, self:provider.stage}\"\n iamRoleStatements:\n - Effect: Allow\n Action:\n - dynamodb:Query\n - dynamodb:Scan\n - dynamodb:GetItem\n - dynamodb:PutItem\n - dynamodb:UpdateItem\n - dynamodb:DeleteItem\n - dynamodb:DescribeTable\n Resource: \"arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE_USAGE_LOG}\"\n\nresources:\n Resources:\n usageLogTable:\n Type: AWS::DynamoDB::Table\n Properties:\n TableName: \"${self:provider.environment.DYNAMODB_TABLE_USAGE_LOG}\"\n KeySchema:\n - AttributeName: id\n KeyType: HASH\n AttributeDefinitions:\n - AttributeName: id\n AttributeType: S\n - AttributeName: app\n AttributeType: S\n GlobalSecondaryIndexes:\n - IndexName: appIndex\n KeySchema:\n - AttributeName: app\n KeyType: HASH\n Projection:\n ProjectionType: \"ALL\"\n ProvisionedThroughput:\n ReadCapacityUnits: 10\n WriteCapacityUnits: 10 # no write is required\n ProvisionedThroughput:\n ReadCapacityUnits: 10 # no read is required\n WriteCapacityUnits: 10\n\n# The `functions` block defines what code to deploy\nfunctions:\n api:\n handler: src/index.handler\n maximumEventAge: 60\n maximumRetryAttempts: 0\n timeout: 12\n events:\n - http:\n path: /{proxy+}\n method: any\n - http:\n path: /\n method: get\n\nplugins:\n - \"@hewmen/serverless-plugin-typescript\"\n - serverless-plugin-optimize\n - serverless-dynamodb-local\n - serverless-offline\n - serverless-domain-manager\n" }, { "path": "services/lagacy/src/_util/size.ts", "content": "export const MB = 1048576;\n\n/**\n * 1 seconds in ms\n */\nexport const SEC = 1000;\n" }, { "path": "services/lagacy/src/app.ts", "content": "import * as express from \"express\";\nimport * as useragent from \"express-useragent\";\nimport * as corsProxy from \"../lib/cors\";\nimport * as responsetime from \"response-time\";\n\nimport { logRequest } from \"./usage\";\nimport { blaklistoriginlimit, payloadlimit } from \"./limit\";\n// import { unauthorizedAppBlocking } from \"./auth\";\n\nconst app = express();\n\nconst cors_proxy = corsProxy.createServer({\n // https://github.com/Rob--W/cors-anywhere/issues/39\n requireHeader: [\"origin\", \"x-requested-with\"],\n // requireHeader: [],\n removeHeaders: [\n \"cookie\",\n \"cookie2\",\n \"x-request-start\",\n \"x-request-id\",\n \"via\",\n \"connect-time\",\n \"total-route-time\",\n ],\n redirectSameOrigin: true,\n httpProxyOptions: {\n xfwd: false,\n },\n});\n\napp.get(\"/\", function (req, res) {\n res.redirect(\"https://app.cors.bridged.cc/\");\n});\n\napp.use(blaklistoriginlimit); // 1\napp.use(payloadlimit); // 2\n// disabling due to cors.sh migration\n// app.use(unauthorizedAppBlocking); // 3\n\napp.use(\n responsetime({\n suffix: false,\n })\n);\napp.use(useragent.express());\n\n// -- execution order matters --\n// (1)\napp.use((req, res, next) => {\n if (res.headersSent) {\n return;\n }\n\n try {\n cors_proxy.emit(\"request\", req, res);\n next();\n } catch (_) {}\n});\n\n// (2)\n/**\n * after response middleware\n */\napp.use((req, res) => {\n res.on(\"finish\", () => {\n logRequest(req, res);\n });\n});\n// -- execution order matters --\n\n/**\n * global error handler\n */\napp.use(((err, req, res, next) => {\n if (res.headersSent) {\n return;\n }\n try {\n return res.status(500).json({\n message: \"Internal Server Error\",\n error: err,\n issue: \"https://github.com/bridgedxyz/base/issues\",\n });\n } catch (_) {}\n}) as express.ErrorRequestHandler);\n\nexport { app };\n" }, { "path": "services/lagacy/src/auth/_tmp_static_api_keys/.gitignore", "content": "# manuall managed credentials (temporal)\nkeys.js" }, { "path": "services/lagacy/src/auth/_tmp_static_api_keys/README.md", "content": "# Temporal manually managed api key store\n" }, { "path": "services/lagacy/src/auth/_tmp_static_api_keys/index.js", "content": "export { default as keys } from \"./keys\";\n" }, { "path": "services/lagacy/src/auth/index.ts", "content": "export { unauthorizedAppBlocking } from \"./static-account-api-key-auth\";\n" }, { "path": "services/lagacy/src/auth/static-account-api-key-auth.ts", "content": "import * as express from \"express\";\nimport { keys } from \"./_tmp_static_api_keys\";\n/**\n * cors.grida.cc static api key header\n */\nconst STATIC_CORS_ACCOUNT_API_KEY_HEADER = \"x-cors-grida-api-key\";\n\nconst nokey401UnAuthorized = () => {\n return \"https://bit.ly/2UnZSA8\";\n // return {\n // message: `CORS Proxy request from origin \"${origin}\" is not allowed. Request is unauthorized`,\n // issue: \"https://github.com/bridgedxyz/base/issues/23\",\n // };\n};\n\nexport const unauthorizedAppBlocking = (\n req: express.Request,\n res: express.Response,\n next\n) => {\n // skip api key check for preflight requests\n if (req.method == \"OPTIONS\" || req.method == \"HEAD\") {\n next();\n }\n const apikey: string = req.headers[\n STATIC_CORS_ACCOUNT_API_KEY_HEADER\n ] as string;\n if (apikey && validate_api_key(apikey)) {\n next();\n } else {\n res.status(401).send(nokey401UnAuthorized());\n return;\n }\n};\n\nfunction validate_api_key(apikey: string) {\n if (!apikey || apikey == \"\") {\n return false;\n }\n const found = (keys as string[]).find(s => s === apikey);\n if (found) {\n return true;\n }\n return false;\n}\n" }, { "path": "services/lagacy/src/index.ts", "content": "import * as serverlessExpress from \"aws-serverless-express\";\nimport { APIGatewayProxyHandler } from \"aws-lambda\";\n\nimport { app } from \"./app\";\n\nconst binaryMimeTypes = [\n '*/*'\n\n // https://github.com/vendia/serverless-express/blob/master/examples/basic-starter/lambda.js\n // 'application/javascript',\n // 'application/json',\n // 'application/octet-stream',\n // 'application/xml',\n // 'font/eot',\n // 'font/opentype',\n // 'font/otf',\n // 'image/jpeg',\n // 'image/png',\n // 'image/svg+xml',\n // 'text/comma-separated-values',\n // 'text/css',\n // 'text/html',\n // 'text/javascript',\n // 'text/plain',\n // 'text/text',\n // 'text/xml'\n]\n\nconst server = serverlessExpress.createServer(app, null, binaryMimeTypes)\n\nexport const handler: APIGatewayProxyHandler = (event, context) => {\n serverlessExpress.proxy(server, event, context);\n};" }, { "path": "services/lagacy/src/limit/README.md", "content": "# Limitation handler" }, { "path": "services/lagacy/src/limit/blacklist-origin.ts", "content": "import * as express from \"express\";\n\n/**\n * explicitly black listed origins. these are not registered to use base.\n */\nconst blacklisted_origin: string[] = [\n \"REJECTME\",\n // WAITING FOR SERVICE PROVIDER'S ACTION\n \"titronline.org\",\n \"titr.online\",\n \"showsport.xyz\",\n \"cdn14.esp-cdn.xyz\",\n \"digi-hdsport.com\",\n \"siunus.github.io\",\n // ILLEGAL OR AUDULT WEBSITE (PERMINANTLY BLOCKED)\n \"twerktvnaija.com\",\n];\n\nconst blacked401UnAuthorized = (origin: string) => {\n return \"https://bit.ly/2UnZSA8\";\n // return {\n // message: `CORS Proxy request from origin \"${origin}\" is not allowed. Request is unauthorized`,\n // issue: \"https://github.com/bridgedxyz/base/issues/23\",\n // };\n};\n\nexport const blaklistoriginlimit = (\n req: express.Request,\n res: express.Response,\n next\n) => {\n const origin = req.headers[\"origin\"];\n\n if (origin) {\n if (blacked(origin)) {\n res.status(401).send(blacked401UnAuthorized(origin));\n return;\n }\n }\n next();\n};\n\nfunction blacked(origin: string): boolean {\n // patterns\n // 1. www.\n // 2. http//\n // 3. https//\n // 4. http://\n // 5. ....\n try {\n const u = new URL(origin);\n return blacklisted_origin.some(o => {\n return u.hostname == o || u.hostname == \"www.\" + o;\n });\n } catch (_) {\n // we cannot handle url that is invalid (need better logic for this)\n return false;\n }\n}\n" }, { "path": "services/lagacy/src/limit/index.ts", "content": "export * from \"./payload-limit\";\nexport * from \"./blacklist-origin\";\n" }, { "path": "services/lagacy/src/limit/payload-limit.ts", "content": "import * as https from \"https\";\nimport * as http from \"http\";\nimport { MB } from \"../_util/size\";\n\n/**\n * this is to save data transfer cost. And basically we should not use CORS Proxy to load large files.\n *\n * https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html\n */\nconst MAX_TARGET_RESOURCE_MB = 2; // 6mb is max supported by api gateway. (supports up to 2mb on proxy)\n\nexport const payloadlimit = (req, res, next) => {\n const requrl = req.originalUrl.substring(1);\n\n const agent = requrl.startsWith(\"https:\") ? https : http;\n agent\n .request(requrl, { method: \"HEAD\" }, _resp => {\n const len = Number(_resp.headers[\"content-length\"]);\n if (len && len > MB * MAX_TARGET_RESOURCE_MB) {\n // reject if data larger than 30mb.\n res.status(413).send({\n message: `Requested resource exceeds ${MAX_TARGET_RESOURCE_MB}mb`,\n issue: \"https://github.com/bridgedxyz/base/issues/23\",\n });\n } else {\n // if content-length is undefined or less than 30mb, procceed.\n next();\n }\n })\n .on(\"error\", err => {\n // ignore error for this\n // target, which is anonymous, might not support HEAD request.\n next();\n })\n .end();\n};\n" }, { "path": "services/lagacy/src/limit/unknown-host-limit.ts", "content": "import { MB, SEC } from \"../_util/size\";\n\nexport const unknownhostlimit = (req, res, next) => {\n const limit = {\n timeout: 6 * SEC,\n size: 0.1 * MB,\n };\n};\n\nfunction known(url: string): boolean {\n try {\n const u = new URL(url);\n if (isIpAddress(u.hostname)) {\n return false;\n }\n return true;\n } catch (_) {\n return false;\n }\n}\n\n/**\n * pure host name e.g. 1.1.1.1 or www.grida.co\n * @param hostname\n * @returns\n */\nfunction isIpAddress(hostname: string): boolean {\n return hostname.match(/[a-z]/i) ? false : true;\n}\n\ninterface SingleProxyRequestLimitPolicy {\n timeout: number; // max time in ms\n size: number; // max size in bytes\n}\n" }, { "path": "services/lagacy/src/usage/README.md", "content": "# Usage Logging\n\n## Data we collect\n\n- client ip (for managing x-rate-limit)\n- client ua (for malicious usage preventation)\n- request url information (only host) (for understanding api usage)\n - we do not collect request query\n - we do not collect request body\n - we do not collect response body\n- response result (for collecting success rate) (collection as http status code)\n- duration (for tracking x-rate-limit for execution time)\n- payload (for tracking x-rate-limit for data transfer)\n- app (for identifying the request) (this is determined by api key you are using. pretty obvious)" }, { "path": "services/lagacy/src/usage/index.ts", "content": "import * as express from \"express\";\nimport * as dynamoose from \"dynamoose\";\nimport * as https from \"https\";\nconst agent = new https.Agent({\n keepAlive: true,\n rejectUnauthorized: true,\n maxSockets: 1000,\n});\n\ndynamoose.aws.sdk.config.update({\n httpOptions: {\n agent: agent,\n },\n});\n\nimport {\n CorsProxyApiRequest,\n CorsProxyApiRequestLog,\n CorsRequestLogModel,\n} from \"./model\";\nimport { nanoid } from \"nanoid\";\n/**\n *\n * @param req\n * @param res\n */\nexport async function logRequest(req: express.Request, res: express.Response) {\n // do not log the request if client error. (413 or 401 or 400)\n if (500 > res.statusCode && res.statusCode >= 400) {\n return;\n }\n const ip = (req.headers[\"x-forwarded-for\"] ||\n req.socket.remoteAddress) as string;\n const timestamp = new Date();\n const origin = req.headers[\"origin\"] || undefined;\n //@ts-ignore (useragent is provided by above useragent.express())\n const _uaobj = req.useragent;\n const ua = _uaobj.source; // gives the raw ua string\n const url = res.get(\"x-request-url\");\n const payload = Number(\n (() => {\n const _cl = res.get(\"content-length\");\n return _cl ? _cl : 0;\n })()\n );\n const duration = Number(\n (() => {\n const _rt = res.get(\"x-response-time\");\n return _rt ? _rt : 0;\n })()\n );\n await log({\n ip: ip,\n origin: origin,\n ua: ua,\n duration: duration,\n size: payload,\n at: timestamp,\n target: url,\n app: \"anonymous\",\n });\n}\n\nasync function log(request: CorsProxyApiRequest) {\n // console.log(\"request\", request);\n const id = nanoid();\n const billedduration = Math.ceil(request.duration / 100) * 100; // billed duration is stepped by 100ms\n try {\n const payload = new CorsRequestLogModel({\n id: id,\n billed_duration: billedduration,\n ...request,\n });\n\n await payload.save();\n } catch (_) {\n // do nothing\n }\n}\n" }, { "path": "services/lagacy/src/usage/model.ts", "content": "import * as dynamoose from \"dynamoose\";\nimport { nanoid } from \"nanoid\";\n\nexport type AppId = string | \"anonymous\" | \"official-demo\";\n\nexport interface CorsProxyApiRequest {\n /**\n * ip address of request client (could be server / app / web)\n */\n ip?: string;\n /**\n * compressed / raw user agent data of the request\n */\n ua?: string;\n\n /**\n * request origin from request headers\n */\n origin?: string;\n\n /**\n * target resource url\n */\n target: string;\n /**\n * duration in ms\n */\n duration: number;\n /**\n * data payload\n */\n size: number;\n\n /**\n * request timestamp\n */\n at: Date;\n\n /**\n * the user/requester app\n */\n app: AppId;\n}\n\nexport interface CorsProxyApiRequestLog extends CorsProxyApiRequest {\n /**\n * unique id of the request\n */\n id: string;\n\n /**\n * billing duration in ms - ceils with 100ms\n */\n billed_duration: number;\n}\n\nexport const CorsRequestLogSchema = new dynamoose.Schema(\n {\n id: {\n type: String,\n required: true,\n default: () => nanoid(),\n },\n app: {\n type: String,\n required: true,\n index: {\n name: \"appIndex\",\n },\n },\n ua: {\n type: String,\n required: false,\n },\n at: {\n type: Date,\n required: true,\n },\n size: {\n type: Number,\n required: true,\n },\n ip: {\n type: String,\n required: false,\n },\n target: {\n type: String,\n required: true,\n },\n duration: {\n type: Number,\n required: true,\n },\n billed_duration: {\n type: Number,\n required: true,\n },\n },\n {\n saveUnknown: true,\n }\n);\n\nconst CORS_REQUEST_LOG_TABLE_NAME = process.env\n .DYNAMODB_TABLE_USAGE_LOG as string;\n\nexport const CorsRequestLogModel = dynamoose.model(\n CORS_REQUEST_LOG_TABLE_NAME,\n CorsRequestLogSchema,\n {\n create: true,\n }\n);\n" }, { "path": "services/lagacy/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"preserveConstEnums\": true,\n \"strictNullChecks\": true,\n \"sourceMap\": true,\n \"allowJs\": true,\n \"target\": \"es5\",\n \"outDir\": \".build\",\n \"moduleResolution\": \"node\",\n \"lib\": [\"es2015\"],\n \"rootDir\": \"./\"\n }\n}\n" }, { "path": "services/mail.cors.sh/onboarding.mjml", "content": "\n \n \n \n \n \n \n \n .break {\n word-break: break-all !important;\n }\n \n \n \n \n \n \n

\n Your API key for\n
\n proxy.cors.sh\n

\n \n \n \n \n \n

Your temporary API key is..

\n \n \n \n

{{CODE}}

\n \n \n Copy & Paste this api key to your api call (XHR) header.\n \n

Example usage

\n \n You can use the api key like below. For more example, visit https://cors.sh/#usage\n \n \n \n
\n
\n fetch('https://proxy.cors.sh/https://acme.com', {
\n   headers: {
\n   'x-cors-api-key': '{{CODE}}'
\n   }
\n })
\n
\n
\n \n \n \n

Next (Action required)

\n \n Since this key is a temporary key to get you started, you have to sign-in & claim your account to get a permanent one. This key will only be valid for 3 days.\n \n ๐Ÿ‘‰ Get the permanent key \n \n button not working? copy & paste this link to your browser\n \n {{ONBOARDINGLINK}}\n \n \n \n \n \n \n \n \n \n \n A Grida Product | Contact\n \n \n \n \n" }, { "path": "services/mail.cors.sh/onboarding_with_payment_success.mjml", "content": "\n \n \n \n \n \n \n \n .break {\n word-break: break-all !important;\n }\n \n \n \n \n \n \n

\n Thank you for\n
\n your subscription\n

\n \n \n \n \n Weโ€™re all set. Letโ€™s get rid of the cors errors by extending your api call with proxy.cors.sh like below.\n \n

Your API key for your first application โ€œ{{APPLICATIONNAME}}โ€ is..

\n \n

\n # for testing\n
\n {{CODE_TEST}}\n
\n
\n # for production\n
\n {{CODE_LIVE}}\n

\n \n \n Copy & Paste this api key to your api call (XHR) header.\n \n

Example usage

\n \n You can use the api key like below. For more example, visit https://cors.sh/#usage\n \n \n \n
\n
\n fetch('https://proxy.cors.sh/https://acme.com', {
\n   headers: {
\n   'x-cors-api-key': '{{CODE_TEST}}'
\n   }
\n })
\n
\n
\n \n \n\n \n Read the docs\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n A Grida Product | Contact\n \n \n \n \n" }, { "path": "services/mail.cors.sh/render/onboarding.subject", "content": "CORS.SH | your API Key for cors.proxy.sh" }, { "path": "services/mail.cors.sh/render/onboarding.template.html", "content": "\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n

\n Your API key for\n
\n proxy.cors.sh\n

\n \n \n \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n
\n \n \n \n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n

Your temporary API key is..

\n \n \n \n \n \n \n \n \n

{{CODE}}

\n
\n \n \n \n \n \n \n \n Copy & Paste this api key to your api call (XHR) header.
\n \n \n \n \n \n \n \n

Example usage

\n \n \n \n \n \n \n \n You can use the api key like below. For more example, visit https://cors.sh/#usage\n \n \n \n \n \n \n \n \n
\n
\n fetch('https://proxy.cors.sh/https://acme.com', {
\n   headers: {
\n   'x-cors-api-key': '{{CODE}}'
\n   }
\n })
\n
\n
\n \n \n \n \n \n \n \n \n

Next (Action required)

\n \n \n \n \n \n \n \n Since this key is a temporary key to get you started, you have to sign-in & claim your account to get a permanent one. This key will only be valid for 3 days.\n \n \n \n \n \n \n \n \n \n \n \n \n ๐Ÿ‘‰ Get the permanent key\n \n \n \n \n \n \n \n \n \n \n \n \n button not working? copy & paste this link to your browser\n \n {{ONBOARDINGLINK}}\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n A Grida Product | Contact\n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n " }, { "path": "services/mail.cors.sh/render/onboarding_with_payment_success.subject", "content": "CORS.SH | Your first project" }, { "path": "services/mail.cors.sh/render/onboarding_with_payment_success.template.html", "content": "\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n

\n Thank you for\n
\n your subscription\n

\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n Weโ€™re all set. Letโ€™s get rid of the cors errors by extending your api call with proxy.cors.sh like below.
\n \n \n \n \n \n \n \n

Your API key for your first application โ€œ{{APPLICATIONNAME}}โ€ is..

\n \n

\n # for testing\n
\n {{CODE_TEST}}\n
\n
\n # for production\n
\n {{CODE_LIVE}}\n

\n \n \n \n \n \n \n \n \n Copy & Paste this api key to your api call (XHR) header.\n \n \n \n \n \n \n \n

Example usage

\n \n \n \n \n \n \n \n You can use the api key like below. For more example, visit https://cors.sh/#usage\n \n \n \n \n \n \n \n \n
\n
\n fetch('https://proxy.cors.sh/https://acme.com', {
\n   headers: {
\n   'x-cors-api-key': '{{CODE_TEST}}'
\n   }
\n })
\n
\n
\n \n \n \n \n \n \n \n \n Read the docs\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n A Grida Product | Contact\n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n " }, { "path": "services/proxy.cors.sh/.gitignore", "content": "# compiled output\n/dist\n/node_modules\n.build\n# Logs\nlogs\n*.log\nnpm-debug.log*\nyarn-debug.log*\nyarn-error.log*\nlerna-debug.log*\n\n# OS\n.DS_Store\n\n# Tests\n/coverage\n/.nyc_output\n\n# IDEs and editors\n/.idea\n.project\n.classpath\n.c9/\n*.launch\n.settings/\n*.sublime-workspace\n\n# IDE - VSCode\n.vscode/*\n!.vscode/settings.json\n!.vscode/tasks.json\n!.vscode/launch.json\n!.vscode/extensions.json\n\n\n# env\n.env\n.env.staging\n.env.production" }, { "path": "services/proxy.cors.sh/README.md", "content": "# CORS.BRIDGED.CC\n\n![cors.sh cover artwork](./docs/artwork_cors.sh.jpg)\n\n## The Web deployment\n\napp.cors.bridged.cc is linked to repositoy https://github.com/bridgedxyz/proxy-client, deployed via aws amplify on `proxy-client`'s `app.cors.bridged.xyz` branch\n\n**other cd options**\nusing serverless-finch (dropped & not used)\n\n> this is an obsolete approach of deploying web to s3, which we are no longer using\n\nin serverless.yml\n\n```\ncustom:\n scripts:\n hooks:\n 'before:package:createDeploymentArtifacts': yarn --cwd web build && sls client deploy\n client:\n bucketName: app.cors.bridged.cc\n distributionFolder: web/build\n indexDocument: index.html\n errorDocument: index.html\n\nplugins:\n - serverless-finch\n```\n\n```\nyarn add --dev serverless-plugin-scripts serverless-finch\n```\n" }, { "path": "services/proxy.cors.sh/contributing.md", "content": "## running redis server locally\n\n```\ndocker run -d --name redis-stack-server -p 6379:6379 redis/redis-stack-server:latest\n```\n" }, { "path": "services/proxy.cors.sh/deploy/prod.sh", "content": "sls deploy --stage production \\\n --param=\"domain=true\"" }, { "path": "services/proxy.cors.sh/deploy/staging.sh", "content": "sls deploy --stage staging \\\n --param=\"domain=false\"" }, { "path": "services/proxy.cors.sh/docs/README.md", "content": "# Docs & Image resources directory" }, { "path": "services/proxy.cors.sh/lib/cors.ts", "content": "import * as httpProxy from \"http-proxy\";\nimport * as https from \"https\";\nimport * as http from \"http\";\nimport * as url from \"url\";\nimport { getProxyForUrl } from \"proxy-from-env\";\nimport { withCORS, isValidHostName, parseURL } from \"./utils\";\n\ninterface OptionParams {\n httpProxyOptions: httpProxy.ServerOptions;\n httpsOptions?: https.ServerOptions;\n [x: string]: any;\n}\n\nfunction proxyRequest(req, res, proxy) {\n var location = req.corsAnywhereRequestState.location;\n req.url = location.path;\n\n var proxyOptions: any = {\n changeOrigin: false,\n prependPath: false,\n target: location,\n headers: {\n host: location.host,\n },\n buffer: {\n pipe: function (proxyReq) {\n var proxyReqOn = proxyReq.on;\n proxyReq.on = function (eventName, listener) {\n if (eventName !== \"response\") {\n return proxyReqOn.call(this, eventName, listener);\n }\n return proxyReqOn.call(this, \"response\", function (proxyRes) {\n if (onProxyResponse(proxy, proxyReq, proxyRes, req, res)) {\n try {\n listener(proxyRes);\n } catch (err) {\n proxyReq.emit(\"error\", err);\n }\n }\n });\n };\n return req.pipe(proxyReq);\n },\n },\n };\n\n var proxyThroughUrl = req.corsAnywhereRequestState.getProxyForUrl(\n location.href\n );\n if (proxyThroughUrl) {\n proxyOptions.target = proxyThroughUrl;\n proxyOptions.toProxy = true;\n req.url = location.href;\n }\n\n try {\n proxy.web(req, res, proxyOptions);\n } catch (err) {\n proxy.emit(\"error\", err, req, res);\n }\n}\n\nfunction onProxyResponse(proxy, proxyReq, proxyRes, req, res) {\n var requestState = req.corsAnywhereRequestState;\n\n var statusCode = proxyRes.statusCode;\n\n if (!requestState.redirectCount_) {\n res.setHeader(\"x-request-url\", requestState.location.href);\n }\n if (\n statusCode === 301 ||\n statusCode === 302 ||\n statusCode === 303 ||\n statusCode === 307 ||\n statusCode === 308\n ) {\n var locationHeader = proxyRes.headers.location;\n var parsedLocation;\n if (locationHeader) {\n locationHeader = url.resolve(requestState.location.href, locationHeader);\n parsedLocation = parseURL(locationHeader);\n }\n if (parsedLocation) {\n if (statusCode === 301 || statusCode === 302 || statusCode === 303) {\n requestState.redirectCount_ = requestState.redirectCount_ + 1 || 1;\n if (requestState.redirectCount_ <= requestState.maxRedirects) {\n res.setHeader(\n \"X-CORS-Redirect-\" + requestState.redirectCount_,\n statusCode + \" \" + locationHeader\n );\n\n req.method = \"GET\";\n req.headers[\"content-length\"] = \"0\";\n delete req.headers[\"content-type\"];\n requestState.location = parsedLocation;\n req.removeAllListeners();\n proxyReq.removeAllListeners(\"error\");\n proxyReq.once(\"error\", function catchAndIgnoreError() {});\n proxyReq.abort();\n proxyRequest(req, res, proxy);\n return false;\n }\n }\n proxyRes.headers.location =\n requestState.proxyBaseUrl + \"/\" + locationHeader;\n }\n }\n\n delete proxyRes.headers[\"set-cookie\"];\n delete proxyRes.headers[\"set-cookie2\"];\n\n proxyRes.headers[\"x-final-url\"] = requestState.location.href;\n withCORS(proxyRes.headers, req);\n return true;\n}\n\nfunction getHandler(options, proxy) {\n var corsAnywhere: any = {\n getProxyForUrl: getProxyForUrl, // Function that specifies the proxy to use\n maxRedirects: 5, // Maximum number of redirects to be followed.\n originBlacklist: [], // Requests from these origins will be blocked.\n originWhitelist: [], // If non-empty, requests not from an origin in this list will be blocked.\n checkRateLimit: null, // Function that may enforce a rate-limit by returning a non-empty string.\n redirectSameOrigin: false, // Redirect the client to the requested URL for same-origin requests.\n requireHeader: null, // Require a header to be set?\n removeHeaders: [], // Strip these request headers.\n setHeaders: {}, // Set these request headers.\n corsMaxAge: 0, // If set, an Access-Control-Max-Age header with this value (in seconds) will be added.\n helpFile: __dirname + \"/help.txt\",\n };\n\n Object.keys(corsAnywhere).forEach(function (option) {\n if (Object.prototype.hasOwnProperty.call(options, option)) {\n corsAnywhere[option] = options[option];\n }\n });\n if (corsAnywhere.requireHeader) {\n if (typeof corsAnywhere.requireHeader === \"string\") {\n corsAnywhere.requireHeader = [corsAnywhere.requireHeader.toLowerCase()];\n } else if (\n !Array.isArray(corsAnywhere.requireHeader) ||\n corsAnywhere.requireHeader.length === 0\n ) {\n corsAnywhere.requireHeader = null;\n } else {\n corsAnywhere.requireHeader = corsAnywhere.requireHeader.map(function (\n headerName\n ) {\n return headerName.toLowerCase();\n });\n }\n }\n var hasRequiredHeaders = function (headers) {\n return (\n !corsAnywhere.requireHeader ||\n corsAnywhere.requireHeader.some(function (headerName) {\n return Object.hasOwnProperty.call(headers, headerName);\n })\n );\n };\n\n return function (req, res) {\n req.corsAnywhereRequestState = {\n getProxyForUrl: corsAnywhere.getProxyForUrl,\n maxRedirects: corsAnywhere.maxRedirects,\n corsMaxAge: corsAnywhere.corsMaxAge,\n };\n\n var cors_headers = withCORS({}, req);\n if (req.method === \"OPTIONS\") {\n res.writeHead(200, cors_headers);\n res.end();\n return;\n }\n\n var location: any = parseURL(req.url.slice(1));\n\n if (location.host === \"iscorsneeded\") {\n res.writeHead(200, { \"Content-Type\": \"text/plain\" });\n res.end(\"no\");\n return;\n }\n\n if (location.port > 65535) {\n res.writeHead(400, \"Invalid port\", cors_headers);\n res.end(\"Port number too large: \" + location.port);\n return;\n }\n\n if (!/^\\/https?:/.test(req.url) && !isValidHostName(location.hostname)) {\n res.writeHead(404, \"Invalid host\", cors_headers);\n res.end(\"Invalid host: \" + location.hostname);\n return;\n }\n\n if (!hasRequiredHeaders(req.headers)) {\n res.writeHead(400, \"Header required\", cors_headers);\n res.end(\n \"Missing required request header. Must specify one of: \" +\n corsAnywhere.requireHeader +\n \"\\n\" +\n \"If you are testing out, you can try at https://cors.sh/playground\"\n );\n return;\n }\n\n var origin = req.headers.origin || \"\";\n if (corsAnywhere.originBlacklist.indexOf(origin) >= 0) {\n res.writeHead(403, \"Forbidden\", cors_headers);\n res.end(\n 'The origin \"' +\n origin +\n '\" was blacklisted by the operator of this proxy.'\n );\n return;\n }\n\n if (\n corsAnywhere.originWhitelist.length &&\n corsAnywhere.originWhitelist.indexOf(origin) === -1\n ) {\n res.writeHead(403, \"Forbidden\", cors_headers);\n res.end(\n 'The origin \"' +\n origin +\n '\" was not whitelisted by the operator of this proxy.'\n );\n return;\n }\n\n var rateLimitMessage =\n corsAnywhere.checkRateLimit && corsAnywhere.checkRateLimit(origin);\n if (rateLimitMessage) {\n res.writeHead(429, \"Too Many Requests\", cors_headers);\n res.end(\n 'The origin \"' +\n origin +\n '\" has sent too many requests.\\n' +\n rateLimitMessage\n );\n return;\n }\n\n if (\n corsAnywhere.redirectSameOrigin &&\n origin &&\n location.href[origin.length] === \"/\" &&\n location.href.lastIndexOf(origin, 0) === 0\n ) {\n cors_headers.vary = \"origin\";\n cors_headers[\"cache-control\"] = \"private\";\n cors_headers.location = location.href;\n res.writeHead(301, \"Please use a direct request\", cors_headers);\n res.end();\n return;\n }\n\n var isRequestedOverHttps =\n req.connection.encrypted ||\n /^\\s*https/.test(req.headers[\"x-forwarded-proto\"]);\n var proxyBaseUrl =\n (isRequestedOverHttps ? \"https://\" : \"http://\") + req.headers.host;\n\n corsAnywhere.removeHeaders.forEach(function (header) {\n delete req.headers[header];\n });\n\n Object.keys(corsAnywhere.setHeaders).forEach(function (header) {\n req.headers[header] = corsAnywhere.setHeaders[header];\n });\n\n req.corsAnywhereRequestState.location = location;\n req.corsAnywhereRequestState.proxyBaseUrl = proxyBaseUrl;\n\n proxyRequest(req, res, proxy);\n };\n}\n\nexport const createServer = (options: OptionParams) => {\n var server: https.Server | http.Server;\n var httpProxyOptions: httpProxy.ServerOptions = {\n xfwd: true, // Append X-Forwarded-* headers\n };\n\n options = options || {};\n\n if (options.httpProxyOptions) {\n Object.keys(options.httpProxyOptions).forEach(function (option) {\n httpProxyOptions[option] = options.httpProxyOptions[option];\n });\n }\n\n var proxy: httpProxy = httpProxy.createServer(httpProxyOptions);\n var requestHandler = getHandler(options, proxy);\n if (options.httpsOptions) {\n server = https.createServer(options.httpsOptions, requestHandler);\n } else {\n server = http.createServer(requestHandler);\n }\n\n proxy.on(\n \"error\",\n function (err: Error, _: http.IncomingMessage, res: http.ServerResponse) {\n if (process.env.NODE_ENV !== \"production\") {\n console.error(\"Proxy error: \", err, res);\n }\n\n if (res.headersSent) {\n if (res.writableEnded === false) {\n res.end();\n }\n return;\n }\n var headerNames = res.getHeaderNames\n ? res.getHeaderNames()\n : //@ts-ignore\n Object.keys(res._headers || {});\n headerNames.forEach(function (name) {\n res.removeHeader(name);\n });\n\n res.writeHead(404, { \"Access-Control-Allow-Origin\": \"*\" });\n res.end(\"Not found because of proxy error: \" + err);\n }\n );\n return server;\n};\n" }, { "path": "services/proxy.cors.sh/lib/utils.ts", "content": "import * as net from \"net\";\nimport * as url from \"url\";\n\nexport const regexp = /\\.(?:AAA|AARP|ABARTH|ABB|ABBOTT|ABBVIE|ABC|ABLE|ABOGADO|ABUDHABI|AC|ACADEMY|ACCENTURE|ACCOUNTANT|ACCOUNTANTS|ACO|ACTIVE|ACTOR|AD|ADAC|ADS|ADULT|AE|AEG|AERO|AETNA|AF|AFAMILYCOMPANY|AFL|AFRICA|AG|AGAKHAN|AGENCY|AI|AIG|AIGO|AIRBUS|AIRFORCE|AIRTEL|AKDN|AL|ALFAROMEO|ALIBABA|ALIPAY|ALLFINANZ|ALLSTATE|ALLY|ALSACE|ALSTOM|AM|AMERICANEXPRESS|AMERICANFAMILY|AMEX|AMFAM|AMICA|AMSTERDAM|ANALYTICS|ANDROID|ANQUAN|ANZ|AO|AOL|APARTMENTS|APP|APPLE|AQ|AQUARELLE|AR|ARAB|ARAMCO|ARCHI|ARMY|ARPA|ART|ARTE|AS|ASDA|ASIA|ASSOCIATES|AT|ATHLETA|ATTORNEY|AU|AUCTION|AUDI|AUDIBLE|AUDIO|AUSPOST|AUTHOR|AUTO|AUTOS|AVIANCA|AW|AWS|AX|AXA|AZ|AZURE|BA|BABY|BAIDU|BANAMEX|BANANAREPUBLIC|BAND|BANK|BAR|BARCELONA|BARCLAYCARD|BARCLAYS|BAREFOOT|BARGAINS|BASEBALL|BASKETBALL|BAUHAUS|BAYERN|BB|BBC|BBT|BBVA|BCG|BCN|BD|BE|BEATS|BEAUTY|BEER|BENTLEY|BERLIN|BEST|BESTBUY|BET|BF|BG|BH|BHARTI|BI|BIBLE|BID|BIKE|BING|BINGO|BIO|BIZ|BJ|BLACK|BLACKFRIDAY|BLANCO|BLOCKBUSTER|BLOG|BLOOMBERG|BLUE|BM|BMS|BMW|BN|BNL|BNPPARIBAS|BO|BOATS|BOEHRINGER|BOFA|BOM|BOND|BOO|BOOK|BOOKING|BOOTS|BOSCH|BOSTIK|BOSTON|BOT|BOUTIQUE|BOX|BR|BRADESCO|BRIDGESTONE|BROADWAY|BROKER|BROTHER|BRUSSELS|BS|BT|BUDAPEST|BUGATTI|BUILD|BUILDERS|BUSINESS|BUY|BUZZ|BV|BW|BY|BZ|BZH|CA|CAB|CAFE|CAL|CALL|CALVINKLEIN|CAM|CAMERA|CAMP|CANCERRESEARCH|CANON|CAPETOWN|CAPITAL|CAPITALONE|CAR|CARAVAN|CARDS|CARE|CAREER|CAREERS|CARS|CARTIER|CASA|CASE|CASEIH|CASH|CASINO|CAT|CATERING|CATHOLIC|CBA|CBN|CBRE|CBS|CC|CD|CEB|CENTER|CEO|CERN|CF|CFA|CFD|CG|CH|CHANEL|CHANNEL|CHASE|CHAT|CHEAP|CHINTAI|CHRISTMAS|CHROME|CHRYSLER|CHURCH|CI|CIPRIANI|CIRCLE|CISCO|CITADEL|CITI|CITIC|CITY|CITYEATS|CK|CL|CLAIMS|CLEANING|CLICK|CLINIC|CLINIQUE|CLOTHING|CLOUD|CLUB|CLUBMED|CM|CN|CO|COACH|CODES|COFFEE|COLLEGE|COLOGNE|COM|COMCAST|COMMBANK|COMMUNITY|COMPANY|COMPARE|COMPUTER|COMSEC|CONDOS|CONSTRUCTION|CONSULTING|CONTACT|CONTRACTORS|COOKING|COOKINGCHANNEL|COOL|COOP|CORSICA|COUNTRY|COUPON|COUPONS|COURSES|CR|CREDIT|CREDITCARD|CREDITUNION|CRICKET|CROWN|CRS|CRUISE|CRUISES|CSC|CU|CUISINELLA|CV|CW|CX|CY|CYMRU|CYOU|CZ|DABUR|DAD|DANCE|DATA|DATE|DATING|DATSUN|DAY|DCLK|DDS|DE|DEAL|DEALER|DEALS|DEGREE|DELIVERY|DELL|DELOITTE|DELTA|DEMOCRAT|DENTAL|DENTIST|DESI|DESIGN|DEV|DHL|DIAMONDS|DIET|DIGITAL|DIRECT|DIRECTORY|DISCOUNT|DISCOVER|DISH|DIY|DJ|DK|DM|DNP|DO|DOCS|DOCTOR|DODGE|DOG|DOHA|DOMAINS|DOT|DOWNLOAD|DRIVE|DTV|DUBAI|DUCK|DUNLOP|DUNS|DUPONT|DURBAN|DVAG|DVR|DZ|EARTH|EAT|EC|ECO|EDEKA|EDU|EDUCATION|EE|EG|EMAIL|EMERCK|ENERGY|ENGINEER|ENGINEERING|ENTERPRISES|EPOST|EPSON|EQUIPMENT|ER|ERICSSON|ERNI|ES|ESQ|ESTATE|ESURANCE|ET|ETISALAT|EU|EUROVISION|EUS|EVENTS|EVERBANK|EXCHANGE|EXPERT|EXPOSED|EXPRESS|EXTRASPACE|FAGE|FAIL|FAIRWINDS|FAITH|FAMILY|FAN|FANS|FARM|FARMERS|FASHION|FAST|FEDEX|FEEDBACK|FERRARI|FERRERO|FI|FIAT|FIDELITY|FIDO|FILM|FINAL|FINANCE|FINANCIAL|FIRE|FIRESTONE|FIRMDALE|FISH|FISHING|FIT|FITNESS|FJ|FK|FLICKR|FLIGHTS|FLIR|FLORIST|FLOWERS|FLY|FM|FO|FOO|FOOD|FOODNETWORK|FOOTBALL|FORD|FOREX|FORSALE|FORUM|FOUNDATION|FOX|FR|FREE|FRESENIUS|FRL|FROGANS|FRONTDOOR|FRONTIER|FTR|FUJITSU|FUJIXEROX|FUN|FUND|FURNITURE|FUTBOL|FYI|GA|GAL|GALLERY|GALLO|GALLUP|GAME|GAMES|GAP|GARDEN|GB|GBIZ|GD|GDN|GE|GEA|GENT|GENTING|GEORGE|GF|GG|GGEE|GH|GI|GIFT|GIFTS|GIVES|GIVING|GL|GLADE|GLASS|GLE|GLOBAL|GLOBO|GM|GMAIL|GMBH|GMO|GMX|GN|GODADDY|GOLD|GOLDPOINT|GOLF|GOO|GOODHANDS|GOODYEAR|GOOG|GOOGLE|GOP|GOT|GOV|GP|GQ|GR|GRAINGER|GRAPHICS|GRATIS|GREEN|GRIPE|GROCERY|GROUP|GS|GT|GU|GUARDIAN|GUCCI|GUGE|GUIDE|GUITARS|GURU|GW|GY|HAIR|HAMBURG|HANGOUT|HAUS|HBO|HDFC|HDFCBANK|HEALTH|HEALTHCARE|HELP|HELSINKI|HERE|HERMES|HGTV|HIPHOP|HISAMITSU|HITACHI|HIV|HK|HKT|HM|HN|HOCKEY|HOLDINGS|HOLIDAY|HOMEDEPOT|HOMEGOODS|HOMES|HOMESENSE|HONDA|HONEYWELL|HORSE|HOSPITAL|HOST|HOSTING|HOT|HOTELES|HOTELS|HOTMAIL|HOUSE|HOW|HR|HSBC|HT|HU|HUGHES|HYATT|HYUNDAI|IBM|ICBC|ICE|ICU|ID|IE|IEEE|IFM|IKANO|IL|IM|IMAMAT|IMDB|IMMO|IMMOBILIEN|IN|INDUSTRIES|INFINITI|INFO|ING|INK|INSTITUTE|INSURANCE|INSURE|INT|INTEL|INTERNATIONAL|INTUIT|INVESTMENTS|IO|IPIRANGA|IQ|IR|IRISH|IS|ISELECT|ISMAILI|IST|ISTANBUL|IT|ITAU|ITV|IVECO|IWC|JAGUAR|JAVA|JCB|JCP|JE|JEEP|JETZT|JEWELRY|JIO|JLC|JLL|JM|JMP|JNJ|JO|JOBS|JOBURG|JOT|JOY|JP|JPMORGAN|JPRS|JUEGOS|JUNIPER|KAUFEN|KDDI|KE|KERRYHOTELS|KERRYLOGISTICS|KERRYPROPERTIES|KFH|KG|KH|KI|KIA|KIM|KINDER|KINDLE|KITCHEN|KIWI|KM|KN|KOELN|KOMATSU|KOSHER|KP|KPMG|KPN|KR|KRD|KRED|KUOKGROUP|KW|KY|KYOTO|KZ|LA|LACAIXA|LADBROKES|LAMBORGHINI|LAMER|LANCASTER|LANCIA|LANCOME|LAND|LANDROVER|LANXESS|LASALLE|LAT|LATINO|LATROBE|LAW|LAWYER|LB|LC|LDS|LEASE|LECLERC|LEFRAK|LEGAL|LEGO|LEXUS|LGBT|LI|LIAISON|LIDL|LIFE|LIFEINSURANCE|LIFESTYLE|LIGHTING|LIKE|LILLY|LIMITED|LIMO|LINCOLN|LINDE|LINK|LIPSY|LIVE|LIVING|LIXIL|LK|LOAN|LOANS|LOCKER|LOCUS|LOFT|LOL|LONDON|LOTTE|LOTTO|LOVE|LPL|LPLFINANCIAL|LR|LS|LT|LTD|LTDA|LU|LUNDBECK|LUPIN|LUXE|LUXURY|LV|LY|MA|MACYS|MADRID|MAIF|MAISON|MAKEUP|MAN|MANAGEMENT|MANGO|MAP|MARKET|MARKETING|MARKETS|MARRIOTT|MARSHALLS|MASERATI|MATTEL|MBA|MC|MCKINSEY|MD|ME|MED|MEDIA|MEET|MELBOURNE|MEME|MEMORIAL|MEN|MENU|MEO|MERCKMSD|METLIFE|MG|MH|MIAMI|MICROSOFT|MIL|MINI|MINT|MIT|MITSUBISHI|MK|ML|MLB|MLS|MM|MMA|MN|MO|MOBI|MOBILE|MOBILY|MODA|MOE|MOI|MOM|MONASH|MONEY|MONSTER|MOPAR|MORMON|MORTGAGE|MOSCOW|MOTO|MOTORCYCLES|MOV|MOVIE|MOVISTAR|MP|MQ|MR|MS|MSD|MT|MTN|MTR|MU|MUSEUM|MUTUAL|MV|MW|MX|MY|MZ|NA|NAB|NADEX|NAGOYA|NAME|NATIONWIDE|NATURA|NAVY|NBA|NC|NE|NEC|NET|NETBANK|NETFLIX|NETWORK|NEUSTAR|NEW|NEWHOLLAND|NEWS|NEXT|NEXTDIRECT|NEXUS|NF|NFL|NG|NGO|NHK|NI|NICO|NIKE|NIKON|NINJA|NISSAN|NISSAY|NL|NO|NOKIA|NORTHWESTERNMUTUAL|NORTON|NOW|NOWRUZ|NOWTV|NP|NR|NRA|NRW|NTT|NU|NYC|NZ|OBI|OBSERVER|OFF|OFFICE|OKINAWA|OLAYAN|OLAYANGROUP|OLDNAVY|OLLO|OM|OMEGA|ONE|ONG|ONL|ONLINE|ONYOURSIDE|OOO|OPEN|ORACLE|ORANGE|ORG|ORGANIC|ORIGINS|OSAKA|OTSUKA|OTT|OVH|PA|PAGE|PANASONIC|PANERAI|PARIS|PARS|PARTNERS|PARTS|PARTY|PASSAGENS|PAY|PCCW|PE|PET|PF|PFIZER|PG|PH|PHARMACY|PHD|PHILIPS|PHONE|PHOTO|PHOTOGRAPHY|PHOTOS|PHYSIO|PIAGET|PICS|PICTET|PICTURES|PID|PIN|PING|PINK|PIONEER|PIZZA|PK|PL|PLACE|PLAY|PLAYSTATION|PLUMBING|PLUS|PM|PN|PNC|POHL|POKER|POLITIE|PORN|POST|PR|PRAMERICA|PRAXI|PRESS|PRIME|PRO|PROD|PRODUCTIONS|PROF|PROGRESSIVE|PROMO|PROPERTIES|PROPERTY|PROTECTION|PRU|PRUDENTIAL|PS|PT|PUB|PW|PWC|PY|QA|QPON|QUEBEC|QUEST|QVC|RACING|RADIO|RAID|RE|READ|REALESTATE|REALTOR|REALTY|RECIPES|RED|REDSTONE|REDUMBRELLA|REHAB|REISE|REISEN|REIT|RELIANCE|REN|RENT|RENTALS|REPAIR|REPORT|REPUBLICAN|REST|RESTAURANT|REVIEW|REVIEWS|REXROTH|RICH|RICHARDLI|RICOH|RIGHTATHOME|RIL|RIO|RIP|RMIT|RO|ROCHER|ROCKS|RODEO|ROGERS|ROOM|RS|RSVP|RU|RUGBY|RUHR|RUN|RW|RWE|RYUKYU|SA|SAARLAND|SAFE|SAFETY|SAKURA|SALE|SALON|SAMSCLUB|SAMSUNG|SANDVIK|SANDVIKCOROMANT|SANOFI|SAP|SAPO|SARL|SAS|SAVE|SAXO|SB|SBI|SBS|SC|SCA|SCB|SCHAEFFLER|SCHMIDT|SCHOLARSHIPS|SCHOOL|SCHULE|SCHWARZ|SCIENCE|SCJOHNSON|SCOR|SCOT|SD|SE|SEARCH|SEAT|SECURE|SECURITY|SEEK|SELECT|SENER|SERVICES|SES|SEVEN|SEW|SEX|SEXY|SFR|SG|SH|SHANGRILA|SHARP|SHAW|SHELL|SHIA|SHIKSHA|SHOES|SHOP|SHOPPING|SHOUJI|SHOW|SHOWTIME|SHRIRAM|SI|SILK|SINA|SINGLES|SITE|SJ|SK|SKI|SKIN|SKY|SKYPE|SL|SLING|SM|SMART|SMILE|SN|SNCF|SO|SOCCER|SOCIAL|SOFTBANK|SOFTWARE|SOHU|SOLAR|SOLUTIONS|SONG|SONY|SOY|SPACE|SPIEGEL|SPOT|SPREADBETTING|SR|SRL|SRT|ST|STADA|STAPLES|STAR|STARHUB|STATEBANK|STATEFARM|STATOIL|STC|STCGROUP|STOCKHOLM|STORAGE|STORE|STREAM|STUDIO|STUDY|STYLE|SU|SUCKS|SUPPLIES|SUPPLY|SUPPORT|SURF|SURGERY|SUZUKI|SV|SWATCH|SWIFTCOVER|SWISS|SX|SY|SYDNEY|SYMANTEC|SYSTEMS|SZ|TAB|TAIPEI|TALK|TAOBAO|TARGET|TATAMOTORS|TATAR|TATTOO|TAX|TAXI|TC|TCI|TD|TDK|TEAM|TECH|TECHNOLOGY|TEL|TELECITY|TELEFONICA|TEMASEK|TENNIS|TEVA|TF|TG|TH|THD|THEATER|THEATRE|TIAA|TICKETS|TIENDA|TIFFANY|TIPS|TIRES|TIROL|TJ|TJMAXX|TJX|TK|TKMAXX|TL|TM|TMALL|TN|TO|TODAY|TOKYO|TOOLS|TOP|TORAY|TOSHIBA|TOTAL|TOURS|TOWN|TOYOTA|TOYS|TR|TRADE|TRADING|TRAINING|TRAVEL|TRAVELCHANNEL|TRAVELERS|TRAVELERSINSURANCE|TRUST|TRV|TT|TUBE|TUI|TUNES|TUSHU|TV|TVS|TW|TZ|UA|UBANK|UBS|UCONNECT|UG|UK|UNICOM|UNIVERSITY|UNO|UOL|UPS|US|UY|UZ|VA|VACATIONS|VANA|VANGUARD|VC|VE|VEGAS|VENTURES|VERISIGN|VERSICHERUNG|VET|VG|VI|VIAJES|VIDEO|VIG|VIKING|VILLAS|VIN|VIP|VIRGIN|VISA|VISION|VISTA|VISTAPRINT|VIVA|VIVO|VLAANDEREN|VN|VODKA|VOLKSWAGEN|VOLVO|VOTE|VOTING|VOTO|VOYAGE|VU|VUELOS|WALES|WALMART|WALTER|WANG|WANGGOU|WARMAN|WATCH|WATCHES|WEATHER|WEATHERCHANNEL|WEBCAM|WEBER|WEBSITE|WED|WEDDING|WEIBO|WEIR|WF|WHOSWHO|WIEN|WIKI|WILLIAMHILL|WIN|WINDOWS|WINE|WINNERS|WME|WOLTERSKLUWER|WOODSIDE|WORK|WORKS|WORLD|WOW|WS|WTC|WTF|XBOX|XEROX|XFINITY|XIHUAN|XIN|XN--11B4C3D|XN--1CK2E1B|XN--1QQW23A|XN--2SCRJ9C|XN--30RR7Y|XN--3BST00M|XN--3DS443G|XN--3E0B707E|XN--3HCRJ9C|XN--3OQ18VL8PN36A|XN--3PXU8K|XN--42C2D9A|XN--45BR5CYL|XN--45BRJ9C|XN--45Q11C|XN--4GBRIM|XN--54B7FTA0CC|XN--55QW42G|XN--55QX5D|XN--5SU34J936BGSG|XN--5TZM5G|XN--6FRZ82G|XN--6QQ986B3XL|XN--80ADXHKS|XN--80AO21A|XN--80AQECDR1A|XN--80ASEHDB|XN--80ASWG|XN--8Y0A063A|XN--90A3AC|XN--90AE|XN--90AIS|XN--9DBQ2A|XN--9ET52U|XN--9KRT00A|XN--B4W605FERD|XN--BCK1B9A5DRE4C|XN--C1AVG|XN--C2BR7G|XN--CCK2B3B|XN--CG4BKI|XN--CLCHC0EA0B2G2A9GCD|XN--CZR694B|XN--CZRS0T|XN--CZRU2D|XN--D1ACJ3B|XN--D1ALF|XN--E1A4C|XN--ECKVDTC9D|XN--EFVY88H|XN--ESTV75G|XN--FCT429K|XN--FHBEI|XN--FIQ228C5HS|XN--FIQ64B|XN--FIQS8S|XN--FIQZ9S|XN--FJQ720A|XN--FLW351E|XN--FPCRJ9C3D|XN--FZC2C9E2C|XN--FZYS8D69UVGM|XN--G2XX48C|XN--GCKR3F0F|XN--GECRJ9C|XN--GK3AT1E|XN--H2BREG3EVE|XN--H2BRJ9C|XN--H2BRJ9C8C|XN--HXT814E|XN--I1B6B1A6A2E|XN--IMR513N|XN--IO0A7I|XN--J1AEF|XN--J1AMH|XN--J6W193G|XN--JLQ61U9W7B|XN--JVR189M|XN--KCRX77D1X4A|XN--KPRW13D|XN--KPRY57D|XN--KPU716F|XN--KPUT3I|XN--L1ACC|XN--LGBBAT1AD8J|XN--MGB9AWBF|XN--MGBA3A3EJT|XN--MGBA3A4F16A|XN--MGBA7C0BBN0A|XN--MGBAAKC7DVF|XN--MGBAAM7A8H|XN--MGBAB2BD|XN--MGBAI9AZGQP6J|XN--MGBAYH7GPA|XN--MGBB9FBPOB|XN--MGBBH1A|XN--MGBBH1A71E|XN--MGBC0A9AZCG|XN--MGBCA7DZDO|XN--MGBERP4A5D4AR|XN--MGBGU82A|XN--MGBI4ECEXP|XN--MGBPL2FH|XN--MGBT3DHD|XN--MGBTX2B|XN--MGBX4CD0AB|XN--MIX891F|XN--MK1BU44C|XN--MXTQ1M|XN--NGBC5AZD|XN--NGBE9E0A|XN--NGBRX|XN--NODE|XN--NQV7F|XN--NQV7FS00EMA|XN--NYQY26A|XN--O3CW4H|XN--OGBPF8FL|XN--P1ACF|XN--P1AI|XN--PBT977C|XN--PGBS0DH|XN--PSSY2U|XN--Q9JYB4C|XN--QCKA1PMC|XN--QXAM|XN--RHQV96G|XN--ROVU88B|XN--RVC1E0AM3E|XN--S9BRJ9C|XN--SES554G|XN--T60B56A|XN--TCKWE|XN--TIQ49XQYJ|XN--UNUP4Y|XN--VERMGENSBERATER-CTB|XN--VERMGENSBERATUNG-PWB|XN--VHQUV|XN--VUQ861B|XN--W4R85EL8FHU5DNRA|XN--W4RS40L|XN--WGBH1C|XN--WGBL6A|XN--XHQ521B|XN--XKC2AL3HYE2A|XN--XKC2DL3A5EE0H|XN--Y9A3AQ|XN--YFRO4I67O|XN--YGBI2AMMX|XN--ZFR164B|XPERIA|XXX|XYZ|YACHTS|YAHOO|YAMAXUN|YANDEX|YE|YODOBASHI|YOGA|YOKOHAMA|YOU|YOUTUBE|YT|YUN|ZA|ZAPPOS|ZARA|ZERO|ZIP|ZIPPO|ZM|ZONE|ZUERICH|ZW)$/i;\n\nexport const withCORS = (headers, request) => {\n headers[\"access-control-allow-origin\"] = \"*\";\n\n\n var corsMaxAge = request.corsAnywhereRequestState.corsMaxAge;\n if (request.method === \"OPTIONS\" && corsMaxAge) {\n headers[\"access-control-max-age\"] = corsMaxAge;\n }\n if (request.headers[\"access-control-request-method\"]) {\n headers[\"access-control-allow-methods\"] =\n request.headers[\"access-control-request-method\"];\n delete request.headers[\"access-control-request-method\"];\n }\n if (request.headers[\"access-control-request-headers\"]) {\n headers[\"access-control-allow-headers\"] =\n request.headers[\"access-control-request-headers\"];\n delete request.headers[\"access-control-request-headers\"];\n }\n\n headers[\"access-control-expose-headers\"] = Object.keys(headers).join(\",\");\n\n return headers;\n};\n\nexport const isValidHostName = hostname => {\n return !!(\n regexp.test(hostname) ||\n net.isIPv4(hostname) ||\n net.isIPv6(hostname)\n );\n};\n\nexport const parseURL = req_url => {\n var match = req_url.match(\n /^(?:(https?:)?\\/\\/)?(([^\\/?]+?)(?::(\\d{0,5})(?=[\\/?]|$))?)([\\/?][\\S\\s]*|$)/i\n );\n if (!match) {\n return null;\n }\n if (!match[1]) {\n if (/^https?:/i.test(req_url)) {\n return null;\n }\n if (req_url.lastIndexOf(\"//\", 0) === -1) {\n req_url = \"//\" + req_url;\n }\n req_url = (match[4] === \"443\" ? \"https:\" : \"http:\") + req_url;\n }\n var parsed = url.parse(req_url);\n if (!parsed.hostname) {\n return null;\n }\n return parsed;\n};\n" }, { "path": "services/proxy.cors.sh/package.json", "content": "{\n \"name\": \"proxy.cors.sh\",\n \"description\": \"free cors service for everyone\",\n \"version\": \"0.1.0\",\n \"scripts\": {\n \"clean\": \"rimraf .build .serverless\",\n \"deploy:prod\": \"yarn clean && source deploy/prod.sh\",\n \"deploy:staging\": \"yarn clean && source deploy/staging.sh\",\n \"dev\": \"sls offline start --stage development\",\n \"build\": \"yarn clean && sls package --stage development\"\n },\n \"dependencies\": {\n \"aws-serverless-express\": \"^3.4.0\",\n \"dayjs\": \"^1.11.7\",\n \"express\": \"^4.17.1\",\n \"express-rate-limit\": \"^6.5.2\",\n \"express-useragent\": \"^1.0.15\",\n \"http-proxy\": \"^1.18.1\",\n \"nanoid\": \"^3.1.23\",\n \"proxy-from-env\": \"^1.1.0\",\n \"rate-limit-redis\": \"^3.0.1\",\n \"redis\": \"^4.3.0\",\n \"response-time\": \"^2.3.2\",\n \"serverless-http\": \"^2.7.0\"\n },\n \"devDependencies\": {\n \"@types/aws-lambda\": \"^8.10.71\",\n \"@types/express\": \"^4.17.11\",\n \"@types/http-proxy\": \"^1.17.5\",\n \"@types/node\": \"^18.7.14\",\n \"@types/proxy-from-env\": \"^1.0.1\",\n \"@types/response-time\": \"^2.3.4\",\n \"rimraf\": \"^3.0.2\",\n \"serverless\": \"^2.22.0\",\n \"serverless-domain-manager\": \"^5.1.0\",\n \"serverless-offline\": \"^6.8.0\",\n \"serverless-plugin-dynamo-autoscaling\": \"^1.0.1\",\n \"serverless-plugin-optimize\": \"^4.1.4-rc.1\",\n \"serverless-plugin-typescript\": \"^2.1.2\",\n \"typescript\": \"^4.1.3\"\n }\n}\n" }, { "path": "services/proxy.cors.sh/serverless.yml", "content": "# Welcome to serverless. Read the docs\n# https://serverless.com/framework/docs/\n\nservice: cors-proxy\nuseDotenv: true\ncustom:\n customDomain:\n domainName: proxy.cors.sh\n basePath: \"\"\n stage: ${opt:stage, self:provider.stage}\n createRoute53Record: false\n # enabled only for production - configured by package.json script with --domain flag.\n enabled: ${param:domain, false}\n\n serverless-offline:\n httpPort: 4020\n lambdaPort: 3020\n noPrependStageInUrl: true\n\nprovider:\n name: aws\n memorySize: 128\n runtime: nodejs14.x\n apiGateway:\n shouldStartNameWithService: true\n binaryMediaTypes:\n - \"*/*\"\n endpointType: regional\n region: us-west-1\n environment:\n STAGE: ${opt:stage, self:provider.stage}\n RATE_LIMIT_REDIS_URL: ${env:RATE_LIMIT_REDIS_URL}\n RATE_LIMIT_REDIS_USERNAME: ${env:RATE_LIMIT_REDIS_USERNAME}\n RATE_LIMIT_REDIS_PASSWORD: ${env:RATE_LIMIT_REDIS_PASSWORD}\n API_KEY_TEMP_AES_KEY: ${env:API_KEY_TEMP_AES_KEY}\n API_KEY_TEMP_AES_IV: ${env:API_KEY_TEMP_AES_IV}\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n # for auth, managed by service.cors.sh\n DYNAMODB_TABLE_SERVICE_KEYS: \"cors-proxy-service-keys-${opt:stage, self:provider.stage}\"\n iamRoleStatements:\n - Effect: Allow\n Action:\n # this service only needs to read the service keys\n - dynamodb:GetItem\n Resource: \"arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE_SERVICE_KEYS}\"\n\n# The `functions` block defines what code to deploy\nfunctions:\n api:\n handler: src/index.handler\n maximumEventAge: 60\n maximumRetryAttempts: 0\n timeout: 12\n events:\n - http:\n path: /{proxy+}\n method: any\n # authorizer:\n # name: cors-proxy-authorizer\n # identitySource: \"method.request.header.x-cors-api-key\"\n # type: token\n # resultTtlInSeconds: 3600 # 1 hour\n # arn: ${env:CORS_PROXY_AUTHORIZER_ARN}\n - http:\n path: /\n method: get\n\nplugins:\n - serverless-plugin-typescript\n - serverless-plugin-optimize\n - serverless-offline\n - serverless-domain-manager\n" }, { "path": "services/proxy.cors.sh/src/_util/size.ts", "content": "export const MB = 1048576;\n\n/**\n * 1 seconds in ms\n */\nexport const SEC = 1000;\n" }, { "path": "services/proxy.cors.sh/src/_util/x-header.ts", "content": "import { Request } from \"express\";\n\nexport function headerfrom(\n headers: Request[\"headers\"],\n key: string | string[]\n): string | null {\n const keys = Array.isArray(key) ? key : [key];\n for (const k of keys) {\n const v = headers[k];\n if (v) {\n return v as string;\n }\n }\n return null;\n}\n" }, { "path": "services/proxy.cors.sh/src/app.ts", "content": "import * as express from \"express\";\nimport * as useragent from \"express-useragent\";\nimport * as corsProxy from \"../lib/cors\";\nimport * as responsetime from \"response-time\";\n\nimport { logRequest } from \"./usage\";\nimport { blaklistoriginlimit, payloadlimit } from \"./limit\";\nimport limiter from \"./limit/rate-limit\";\nimport { authorization } from \"./auth\";\n\nconst app = express();\n\nconst cors_proxy = corsProxy.createServer({\n // https://github.com/Rob--W/cors-anywhere/issues/39\n requireHeader: [\"origin\", \"x-requested-with\"],\n // requireHeader: [],\n removeHeaders: [\n \"cookie\",\n \"cookie2\",\n \"x-request-start\",\n \"x-request-id\",\n \"via\",\n \"connect-time\",\n \"total-route-time\",\n ],\n redirectSameOrigin: true,\n httpProxyOptions: {\n xfwd: false,\n },\n});\n\napp.get(\"/\", function (req, res) {\n res.redirect(\"https://cors.sh/\");\n});\n\napp.use(blaklistoriginlimit); // 1\napp.use(payloadlimit); // 2\napp.use(authorization); // 3\n\n// response time middleware\napp.use(\n responsetime({\n suffix: false,\n }) as any\n);\n\n// user agent middleware\napp.use(useragent.express());\n\n// hourly rate limiter\napp.use(limiter.hourly);\n\n// monthly (28-day) rate limiter\napp.use(limiter.monthly);\n\n// -- execution order matters --\n// (0)\napp.use((req, res, next) => {\n // support 'x-strict-request-url'\n // refer issue: https://github.com/gridaco/cors.sh/issues/38\n const x_strict_request_url = req.headers[\"x-strict-request-url\"];\n if (x_strict_request_url && typeof x_strict_request_url === \"string\") {\n // need prefix with '/' (required by cors_proxy to parse)\n req.url = \"/\" + x_strict_request_url;\n next();\n return;\n }\n\n next();\n});\n\n// (1)\napp.use((req, res, next) => {\n if (res.headersSent) {\n return;\n }\n\n try {\n cors_proxy.emit(\"request\", req, res);\n next();\n } catch (_) {}\n});\n\n// (2)\n/**\n * after response middleware\n */\napp.use((req, res) => {\n res.on(\"finish\", () => {\n logRequest(req, res);\n });\n});\n// -- execution order matters --\n\n/**\n * global error handler\n */\napp.use(((err, req, res, next) => {\n if (res.headersSent) {\n return next(err);\n }\n try {\n console.error(err);\n res.status(500).json({\n message: \"Internal Server Error\",\n error: err,\n issue: \"https://github.com/gridaco/cors.sh/issues\",\n });\n } catch (_) {}\n}) as express.ErrorRequestHandler);\n\nexport { app };\n" }, { "path": "services/proxy.cors.sh/src/auth/_tmp_static_api_keys/.gitignore", "content": "# manuall managed credentials (temporal)\nkeys.js" }, { "path": "services/proxy.cors.sh/src/auth/_tmp_static_api_keys/README.md", "content": "# Temporal manually managed api key store\n" }, { "path": "services/proxy.cors.sh/src/auth/_tmp_static_api_keys/index.js", "content": "export { default as keys } from \"./keys\";\n" }, { "path": "services/proxy.cors.sh/src/auth/index.ts", "content": "import * as express from \"express\";\nimport { validate_tmp_key } from \"./keys-temp\";\nimport { verify_synced_key } from \"./keys-synced\";\nimport { keyinfo } from \"./keys\";\nimport { headerfrom } from \"../_util/x-header\";\nimport { STATIC_CORS_ACCOUNT_API_KEY_HEADERS } from \"../k\";\nimport * as legacy from \"./legacy\";\n\nfunction parseApiKey(req: express.Request): string | undefined | null {\n const apikey_from_header = headerfrom(\n req.headers,\n STATIC_CORS_ACCOUNT_API_KEY_HEADERS\n );\n\n const api_key_q = \"cors_api_key\";\n\n // parsing from query requires parsing the url then, parsing the query, since the api call can contain the original url with their query.\n let apikey_from_query;\n try {\n // since url starts with \"/\" we need to remove the first character, then decode the url\n const url = decodeURI(req.url.slice(1));\n const params = new URL(url).searchParams;\n apikey_from_query = params.get(api_key_q);\n } catch (e) {\n apikey_from_query = req.query[api_key_q] as string;\n }\n\n return apikey_from_header || apikey_from_query;\n}\n\nexport async function authorization(\n req: express.Request,\n res: express.Response,\n next\n) {\n // 0. demo - no auth, allow all requests from https://cors.sh/playground (https://playground.cors.sh), rate limited by fixed rate\n // - uses ip as id\n // 1. legacy - static api key, rate limited by fixed rate\n // - uses api key as id\n // 2. anonymous localhost - only allow requests from localhost, rate limited by fixed rate\n // - uses ip as id\n // 3. temporary key - allow requests from anywhere (unless expired), rate limited by fixed rate\n // - uses api key\n // 4. signed key - allow requests from anywhere (unless configured), rate limited by purchased plan\n // // TODO:\n // - uses api key as subscription id\n // - live key - allow requests from anywhere (unless configured), rate limited by purchased plan\n // - test key - allow requests from anywhere (unless configured), rate limited by fixed rate\n\n // skip api key check for preflight requests\n if (req.method == \"OPTIONS\" || req.method == \"HEAD\") {\n next();\n }\n\n const apikey = parseApiKey(req);\n\n if (!apikey) {\n // no key, anonymous\n const id = anynymous_request_identity(req);\n const authorization: AuthorizationInfo = {\n authorized: false,\n id,\n tier: \"anonymous\",\n };\n res.locals.authorization = authorization;\n next();\n return;\n }\n\n const { signature, mode } = keyinfo(apikey!);\n const origin = req.headers.origin;\n const { ip, hostname } = req;\n\n if (\n origin === \"https://cors.sh\" ||\n origin === \"https://playground.cors.sh\" ||\n origin === \"https://cors.sh/playground\"\n ) {\n const authorization: AuthorizationInfo = {\n authorized: true,\n id: ip,\n tier: \"unlimited\",\n skip_rate_limit: true,\n };\n res.locals.authorization = authorization;\n next();\n return;\n }\n\n switch (mode) {\n case \"live\":\n case \"test\": {\n if (process.env.STAGE !== \"production\") {\n // bypass auth check in dev\n const authorization: AuthorizationInfo = {\n authorized: true,\n id: \"dev\",\n tier: \"unlimited\",\n };\n res.locals.authorization = authorization;\n next();\n return;\n //\n }\n\n // TODO: explicit handling for test / live key\n const verified = await verify_synced_key(signature);\n if (verified) {\n const { plan, billing_group } = verified;\n const authorization: AuthorizationInfo = {\n authorized: true,\n id: billing_group,\n tier: plan,\n };\n res.locals.authorization = authorization;\n next();\n return;\n } else {\n res\n .status(402)\n .send(\n \"Your account is suspended. Please make a payment at https://cors.sh\"\n );\n return;\n }\n break;\n }\n case \"temp\": {\n const verified = validate_tmp_key(signature);\n if (verified) {\n const authorization: AuthorizationInfo = {\n authorized: true,\n id: signature,\n tier: \"free\",\n };\n res.locals.authorization = authorization;\n next();\n return;\n } else {\n res\n .status(401)\n .send(\"Temporay key expired Get a new one from https://cors.sh\");\n return;\n }\n break;\n }\n case \"v2022\": {\n const verified = legacy.validate_api_key(apikey!);\n if (verified) {\n const authorization: AuthorizationInfo = {\n authorized: true,\n id: signature,\n tier: \"2022.t1\",\n };\n res.locals.authorization = authorization;\n next();\n return;\n } else {\n res\n .status(401)\n .send(\"Unauthorized. Get a api key from https://cors.sh\");\n return;\n }\n break;\n }\n }\n}\n\nexport interface AuthorizationInfo {\n authorized: boolean;\n id: string | \"demo\";\n tier: \"anonymous\" | \"free\" | \"unlimited\" | \"2022.t1\" | \"2023.t1\" | \"2023.t2\";\n skip_rate_limit?: boolean;\n}\n\nfunction anynymous_request_identity(req: express.Request) {\n if (req.hostname == \"localhost\") {\n return req.ip;\n } else {\n return req.hostname;\n }\n}\n" }, { "path": "services/proxy.cors.sh/src/auth/keys-synced.ts", "content": "import { DynamoDB } from \"aws-sdk\";\nimport * as day from \"dayjs\";\nconst db = new DynamoDB.DocumentClient();\n\nconst TABLE = process.env.DYNAMODB_TABLE_SERVICE_KEYS!;\n\nexport async function verify_synced_key(key: string): Promise<\n | {\n plan: \"2023.t1\" | \"2023.t2\";\n billing_group: string;\n }\n | false\n> {\n const record = await find(key);\n\n if (!record) {\n return false;\n }\n\n const { active, expires_at, billing_group, plan } = record;\n if (active && expires_at > day().unix()) {\n return {\n plan: plan as any,\n billing_group,\n };\n }\n\n return false;\n}\n\nasync function find(key: string): Promise {\n const { Item } = await db\n .get({\n TableName: TABLE,\n Key: {\n key: key,\n },\n })\n .promise();\n\n if (!Item) {\n return null;\n }\n\n return Item as ServiceKeyInfo;\n}\n\ninterface ServiceKeyInfo {\n key: string;\n plan: string;\n config: {\n allowed_origins: string[];\n allowed_targets: string[];\n };\n active: boolean;\n billing_group: string;\n expires_at: number;\n synced_at: number;\n}\n" }, { "path": "services/proxy.cors.sh/src/auth/keys-temp.ts", "content": "import * as crypto from \"crypto\";\nimport * as day from \"dayjs\";\n\nconst API_KEY_TEMP_AES_KEY: string = process.env.API_KEY_TEMP_AES_KEY!;\nconst API_KEY_TEMP_AES_IV: string = process.env.API_KEY_TEMP_AES_IV!;\nconst _aes_key = Buffer.from(API_KEY_TEMP_AES_KEY, \"hex\");\nconst _aes_iv = Buffer.from(API_KEY_TEMP_AES_IV, \"hex\");\nconst TMP_KEY_EXP_IN_DAYS = 3;\n\nexport function validate_tmp_key(signature: string) {\n // decode signature that uses aes-256-cbc, then validate with totp.\n let decipher = crypto.createDecipheriv(\"aes-256-cbc\", _aes_key, _aes_iv);\n\n try {\n let token =\n decipher.update(signature, \"hex\", \"utf8\") + decipher.final(\"utf8\");\n\n // token is a unix timestamp\n // the token should match (now ~ now + TMP_KEY_EXP_IN_DAYS)\n const now = day();\n const token_day = day.unix(Number(token));\n const diff = token_day.diff(now, \"day\");\n\n if (diff > TMP_KEY_EXP_IN_DAYS) {\n return false;\n }\n\n return true;\n } catch (e) {\n return false;\n }\n}\n" }, { "path": "services/proxy.cors.sh/src/auth/keys.ts", "content": "export function keyinfo(key: string): {\n signature: string;\n mode: \"temp\" | \"live\" | \"test\" | \"v2022\";\n} {\n const mode = key.split(\"_\")[0];\n const signature = key.split(\"_\")[1];\n\n switch (mode) {\n case \"temp\":\n case \"live\":\n case \"test\": {\n return {\n mode,\n signature,\n };\n }\n default: {\n // legacy key\n return {\n mode: \"v2022\",\n signature: key,\n };\n }\n }\n}\n" }, { "path": "services/proxy.cors.sh/src/auth/legacy/index.ts", "content": "export * from \"./static-account-api-key-auth\";\n" }, { "path": "services/proxy.cors.sh/src/auth/legacy/static-account-api-key-auth.ts", "content": "import { keys } from \"../_tmp_static_api_keys\";\n\n// const nokey401UnAuthorized = () => {\n// return \"https://bit.ly/2UnZSA8\";\n// // return {\n// // message: `CORS Proxy request from origin \"${origin}\" is not allowed. Request is unauthorized`,\n// // issue: \"https://github.com/bridgedxyz/base/issues/23\",\n// // };\n// };\n\n// export const unauthorizedAppBlocking = (\n// req: express.Request,\n// res: express.Response,\n// next\n// ) => {\n// // skip api key check for preflight requests\n// if (req.method == \"OPTIONS\" || req.method == \"HEAD\") {\n// next();\n// }\n// const apikey = headerfrom(req.headers, STATIC_CORS_ACCOUNT_API_KEY_HEADERS);\n// if (apikey && validate_api_key(apikey)) {\n// next();\n// } else {\n// res.status(401).send(nokey401UnAuthorized());\n// return;\n// }\n// };\n\nexport function validate_api_key(apikey: string) {\n if (!apikey || apikey == \"\") {\n return false;\n }\n const found = (keys as string[]).find((s) => s === apikey);\n if (found) {\n return true;\n }\n return false;\n}\n" }, { "path": "services/proxy.cors.sh/src/index.ts", "content": "import * as serverlessExpress from \"aws-serverless-express\";\nimport { APIGatewayProxyHandler } from \"aws-lambda\";\n\nimport { app } from \"./app\";\n\nconst binaryMimeTypes = [\n '*/*'\n\n // https://github.com/vendia/serverless-express/blob/master/examples/basic-starter/lambda.js\n // 'application/javascript',\n // 'application/json',\n // 'application/octet-stream',\n // 'application/xml',\n // 'font/eot',\n // 'font/opentype',\n // 'font/otf',\n // 'image/jpeg',\n // 'image/png',\n // 'image/svg+xml',\n // 'text/comma-separated-values',\n // 'text/css',\n // 'text/html',\n // 'text/javascript',\n // 'text/plain',\n // 'text/text',\n // 'text/xml'\n]\n\nconst server = serverlessExpress.createServer(app, null, binaryMimeTypes)\n\nexport const handler: APIGatewayProxyHandler = (event, context) => {\n serverlessExpress.proxy(server, event, context);\n};" }, { "path": "services/proxy.cors.sh/src/k/index.ts", "content": "/**\n * proxy.cors.sh static api key header\n */\nexport const STATIC_CORS_ACCOUNT_API_KEY_HEADERS = [\n \"x-cors-grida-api-key\", // legacy header for cors.bridged.cc\n \"x-cors-api-key\", // header for cors.sh\n];\n\nexport const RATE_LIMIT_FREE_AUTHORIZED_PER_HOUR = 500; // 500\nexport const RATE_LIMIT_FREE_ANONYMOUS_PER_HOUR = 100; // 100\nexport const RATE_LIMIT_PAID_PER_MONTH_DEFAULT = 500000;\nexport const RATE_LIMIT_PAID_PER_MONTH_T1 = 500000; // $4 / Mo\nexport const RATE_LIMIT_PAID_PER_MONTH_T2 = 2500000; // $20 / Mo\n" }, { "path": "services/proxy.cors.sh/src/limit/README.md", "content": "# Limitation handler" }, { "path": "services/proxy.cors.sh/src/limit/blacklist-origin.ts", "content": "import * as express from \"express\";\n\n/**\n * explicitly black listed origins. these are not registered to use base.\n */\nconst blacklisted_origin: string[] = [\n \"REJECTME\",\n // WAITING FOR SERVICE PROVIDER'S ACTION\n \"titronline.org\",\n \"titr.online\",\n \"showsport.xyz\",\n \"cdn14.esp-cdn.xyz\",\n \"digi-hdsport.com\",\n \"siunus.github.io\",\n // ILLEGAL OR AUDULT WEBSITE (PERMINANTLY BLOCKED)\n \"twerktvnaija.com\",\n];\n\nconst blacked401UnAuthorized = (origin: string) => {\n return \"https://bit.ly/2UnZSA8\";\n // return {\n // message: `CORS Proxy request from origin \"${origin}\" is not allowed. Request is unauthorized`,\n // issue: \"https://github.com/bridgedxyz/base/issues/23\",\n // };\n};\n\nexport const blaklistoriginlimit = (\n req: express.Request,\n res: express.Response,\n next\n) => {\n const origin = req.headers[\"origin\"];\n\n if (origin) {\n if (blacked(origin)) {\n res.status(401).send(blacked401UnAuthorized(origin));\n return;\n }\n }\n next();\n};\n\nfunction blacked(origin: string): boolean {\n // patterns\n // 1. www.\n // 2. http//\n // 3. https//\n // 4. http://\n // 5. ....\n try {\n const u = new URL(origin);\n return blacklisted_origin.some((o) => {\n return u.hostname == o || u.hostname == \"www.\" + o;\n });\n } catch (_) {\n // we cannot handle url that is invalid (need better logic for this)\n return false;\n }\n}\n" }, { "path": "services/proxy.cors.sh/src/limit/index.ts", "content": "export * from \"./payload-limit\";\nexport * from \"./blacklist-origin\";\n" }, { "path": "services/proxy.cors.sh/src/limit/payload-limit.ts", "content": "import * as https from \"https\";\nimport * as http from \"http\";\nimport { MB } from \"../_util/size\";\n\n/**\n * this is to save data transfer cost. And basically we should not use CORS Proxy to load large files.\n *\n * https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html\n */\nconst MAX_TARGET_RESOURCE_MB = 2; // 6mb is max supported by api gateway. (supports up to 2mb on proxy)\n\nexport const payloadlimit = (req, res, next) => {\n const requrl = req.originalUrl.substring(1);\n\n const agent = requrl.startsWith(\"https:\") ? https : http;\n agent\n .request(requrl, { method: \"HEAD\" }, (_resp) => {\n const len = Number(_resp.headers[\"content-length\"]);\n if (len && len > MB * MAX_TARGET_RESOURCE_MB) {\n // reject if data larger than 30mb.\n res.status(413).send({\n message: `Requested resource exceeds ${MAX_TARGET_RESOURCE_MB}mb`,\n issue: \"https://github.com/bridgedxyz/base/issues/23\",\n });\n } else {\n // if content-length is undefined or less than 30mb, procceed.\n next();\n }\n })\n .on(\"error\", (err) => {\n // ignore error for this\n // target, which is anonymous, might not support HEAD request.\n next();\n })\n .end();\n};\n" }, { "path": "services/proxy.cors.sh/src/limit/rate-limit.ts", "content": "import { Request, Response } from \"express\";\nimport rateLimit from \"express-rate-limit\";\nimport RedisStore from \"rate-limit-redis\";\nimport { createClient } from \"redis\";\nimport {\n RATE_LIMIT_FREE_ANONYMOUS_PER_HOUR,\n RATE_LIMIT_FREE_AUTHORIZED_PER_HOUR,\n RATE_LIMIT_PAID_PER_MONTH_DEFAULT,\n RATE_LIMIT_PAID_PER_MONTH_T1,\n RATE_LIMIT_PAID_PER_MONTH_T2,\n} from \"../k\";\nimport type { AuthorizationInfo } from \"../auth\";\n\n// rather if locally ran by `sls offline`\nconst IS_OFFLINE = process.env.IS_OFFLINE;\n\nconst client = createClient({\n url: process.env.RATE_LIMIT_REDIS_URL,\n username: process.env.RATE_LIMIT_REDIS_USERNAME,\n password: process.env.RATE_LIMIT_REDIS_PASSWORD,\n socket: IS_OFFLINE\n ? {\n // 10 minutes\n connectTimeout: 10 * 60 * 1000,\n keepAlive: 10 * 60 * 1000,\n }\n : undefined,\n\n // ... (see https://github.com/redis/node-redis/blob/master/docs/client-configuration.md)\n});\n\n// TODO: make sure connected\nclient.connect();\n\n/**\n * shared for all rate limiters\n * @returns\n */\nconst keygenerator = (req: Request, res: Response) => {\n const { id } = (res.locals.authorization as AuthorizationInfo) ?? {};\n // return ip by default\n return id || req.ip;\n};\n\n/**\n * 429 handler\n * Used by all rate limiters\n */\nconst excess_handler = (req: Request, res: Response, next) => {\n const { authorized } = (res.locals.authorization as AuthorizationInfo) ?? {};\n // 429 handler\n if (authorized) {\n res\n .status(429)\n .send(\n \"Too Many Requests.\\nYou have reached the maximum number of requests per hour for Free tier. Please upgrade your plan to remove this limit.\"\n );\n } else {\n res\n .status(429)\n .send(\n \"Too Many Requests.\\nThis request is anonymous and rate limited. To upgrade, please add an api key at https://cors.sh\"\n );\n }\n};\n\nconst limiter_free_per_hour = rateLimit({\n // Rate limiter configuration\n windowMs: 60 * 1000 * 60, // 1 hour\n max: (req: Request, res: Response) => {\n const { tier } = (res.locals.authorization as AuthorizationInfo) ?? {};\n\n switch (tier) {\n case \"unlimited\":\n return Infinity;\n case \"free\":\n return RATE_LIMIT_FREE_AUTHORIZED_PER_HOUR; // per hour\n case \"anonymous\":\n return RATE_LIMIT_FREE_ANONYMOUS_PER_HOUR; // per hour\n case \"2022.t1\":\n // legacy, all free version\n return RATE_LIMIT_FREE_AUTHORIZED_PER_HOUR; // per hour\n case \"2023.t1\":\n case \"2023.t2\": {\n // paid version\n // no limit, passed by skip()\n return Infinity;\n }\n default:\n // anonymous (free)\n return RATE_LIMIT_FREE_ANONYMOUS_PER_HOUR; // per hour\n }\n },\n standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers\n legacyHeaders: false, // Disable the `X-RateLimit-*` headers\n skip: (req: Request, res: Response) => {\n if (req.method == \"OPTIONS\" || req.method == \"HEAD\") {\n return true;\n }\n\n let force_skip = false;\n\n const { skip_rate_limit, tier } =\n (res.locals.authorization as AuthorizationInfo) ?? {};\n\n if (tier === \"2023.t1\" || tier === \"2023.t2\") {\n // since no monthly limit, skip the hourly limit for paid version\n force_skip = true;\n }\n\n if (force_skip || skip_rate_limit) {\n return true;\n }\n\n res.locals.rate_limit_handled = true;\n return false;\n },\n keyGenerator: keygenerator,\n handler: excess_handler,\n // Redis store configuration\n store: new RedisStore({\n sendCommand: (...args: string[]) => client.sendCommand(args),\n }),\n});\n\nconst MONTH28MS = 60 * 1000 * 60 * 24 * 28; // 28 days in ms\n\n// Consider: monthly rate limit might require bigger redis instance\nconst limiter_paid_per_month = rateLimit({\n // 28-day month\n windowMs: MONTH28MS,\n // max: RATE_LIMIT_PAID_PER_MONTH_T1,\n max: (req: Request, res: Response) => {\n const { tier } = (res.locals.authorization as AuthorizationInfo) ?? {};\n\n switch (tier) {\n case \"2023.t1\": {\n // paid version tier 1 ($4 / Mo)\n return RATE_LIMIT_PAID_PER_MONTH_T1;\n }\n case \"2023.t2\": {\n // paid version tier 2 ($20 / Mo)\n return RATE_LIMIT_PAID_PER_MONTH_T2;\n }\n case \"unlimited\":\n return Infinity;\n case \"anonymous\": // anon, blocked by hourly limiter anyway\n case \"free\": // free, blocked by hourly limiter anyway\n case \"2022.t1\": // legacy, all free version\n default:\n // anonymous (free)\n return RATE_LIMIT_PAID_PER_MONTH_DEFAULT; // per month\n }\n },\n skip: (req: Request, res: Response) => {\n if (req.method == \"OPTIONS\" || req.method == \"HEAD\") {\n return true;\n }\n\n // if rate limit handled by hourly limiter, skip this one\n return res.locals.rate_limit_handled;\n },\n keyGenerator: keygenerator,\n handler: excess_handler,\n store: new RedisStore({\n sendCommand: (...args: string[]) => client.sendCommand(args),\n }),\n});\n\n// FIXME: - We have to merge the two limiters into one - seems the skip does not do what we thought it does (It always uses the hourly limiter. even for paid plan, causing it to be infinite)\nexport default {\n hourly: limiter_free_per_hour,\n monthly: limiter_paid_per_month,\n};\n" }, { "path": "services/proxy.cors.sh/src/usage/README.md", "content": "# Usage Logging\n\n## Data we collect\n\n- client ip (for managing x-rate-limit)\n- client ua (for malicious usage preventation)\n- request url information (only host) (for understanding api usage)\n - we do not collect request query\n - we do not collect request body\n - we do not collect response body\n- response result (for collecting success rate) (collection as http status code)\n- duration (for tracking x-rate-limit for execution time)\n- payload (for tracking x-rate-limit for data transfer)\n- app (for identifying the request) (this is determined by api key you are using. pretty obvious)" }, { "path": "services/proxy.cors.sh/src/usage/dynamo/log.ts", "content": "import type { CorsProxyApiRequest, CorsProxyApiRequestLog } from \"../type\";\nimport { CorsRequestLogModel } from \"./model\";\nimport { nanoid } from \"nanoid\";\nimport * as dynamoose from \"dynamoose\";\nimport * as https from \"https\";\n\nconst agent = new https.Agent({\n keepAlive: true,\n rejectUnauthorized: true,\n maxSockets: 1000,\n});\n\ndynamoose.aws.sdk.config.update({\n httpOptions: {\n agent: agent,\n },\n});\n\nasync function log(\n request: CorsProxyApiRequest & {\n billed_duration: number;\n }\n) {\n // console.log(\"request\", request);\n const id = nanoid();\n try {\n const payload = new CorsRequestLogModel({\n id: id,\n ...request,\n });\n\n await payload.save();\n } catch (_) {\n // do nothing\n }\n}\n" }, { "path": "services/proxy.cors.sh/src/usage/dynamo/model.ts", "content": "import * as dynamoose from \"dynamoose\";\nimport { nanoid } from \"nanoid\";\n\nexport const CorsRequestLogSchema = new dynamoose.Schema(\n {\n id: {\n type: String,\n required: true,\n default: () => nanoid(),\n },\n app: {\n type: String,\n required: true,\n index: {\n name: \"appIndex\",\n },\n },\n ua: {\n type: String,\n required: false,\n },\n at: {\n type: Date,\n required: true,\n },\n size: {\n type: Number,\n required: true,\n },\n ip: {\n type: String,\n required: false,\n },\n target: {\n type: String,\n required: true,\n },\n duration: {\n type: Number,\n required: true,\n },\n billed_duration: {\n type: Number,\n required: true,\n },\n },\n {\n saveUnknown: true,\n }\n);\n\nconst CORS_REQUEST_LOG_TABLE_NAME = process.env\n .DYNAMODB_TABLE_USAGE_LOG as string;\n\nexport const CorsRequestLogModel = dynamoose.model(\n CORS_REQUEST_LOG_TABLE_NAME,\n CorsRequestLogSchema,\n {\n create: true,\n }\n);\n" }, { "path": "services/proxy.cors.sh/src/usage/dynamo/readme.md", "content": "# dynamo logger (disabled)\n\nto enable,\n\n- update serverless.yml using table.yml\n- install dynamoose\n" }, { "path": "services/proxy.cors.sh/src/usage/dynamo/table.yml", "content": "# use this configuration on serverless.yml to enable logging.\n\nprovider:\n name: aws\n environment:\n DYNAMODB_TABLE_USAGE_LOG: \"${self:service}-usage-log-${opt:stage, self:provider.stage}\"\n\n iamRoleStatements:\n - Effect: Allow\n Action:\n - dynamodb:Query\n - dynamodb:Scan\n - dynamodb:GetItem\n - dynamodb:PutItem\n - dynamodb:UpdateItem\n - dynamodb:DeleteItem\n - dynamodb:DescribeTable\n Resource: \"arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE_USAGE_LOG}\"\n\nresources:\n Resources:\n usageLogTable:\n Type: AWS::DynamoDB::Table\n Properties:\n TableName: \"${self:provider.environment.DYNAMODB_TABLE_USAGE_LOG}\"\n KeySchema:\n - AttributeName: id\n KeyType: HASH\n AttributeDefinitions:\n - AttributeName: id\n AttributeType: S\n - AttributeName: app\n AttributeType: S\n GlobalSecondaryIndexes:\n - IndexName: appIndex\n KeySchema:\n - AttributeName: app\n KeyType: HASH\n Projection:\n ProjectionType: \"ALL\"\n ProvisionedThroughput:\n ReadCapacityUnits: 10\n WriteCapacityUnits: 10 # no write is required\n ProvisionedThroughput:\n ReadCapacityUnits: 10 # no read is required\n WriteCapacityUnits: 10\n" }, { "path": "services/proxy.cors.sh/src/usage/index.ts", "content": "import * as express from \"express\";\nimport type { CorsProxyApiRequestLog } from \"./type\";\n\ntype Log = Omit;\n\n/**\n *\n * @param req\n * @param res\n */\nexport async function logRequest(req: express.Request, res: express.Response) {\n // do not log the request if client error. (413 or 401 or 400)\n if (500 > res.statusCode && res.statusCode >= 400) {\n return;\n }\n const ip = (req.headers[\"x-forwarded-for\"] ||\n req.socket.remoteAddress) as string;\n const timestamp = new Date();\n const origin = req.headers[\"origin\"] || undefined;\n //@ts-ignore (useragent is provided by above useragent.express())\n const _uaobj = req.useragent;\n const ua = _uaobj.source; // gives the raw ua string\n const url = res.get(\"x-request-url\");\n const payload = Number(\n (() => {\n const _cl = res.get(\"content-length\");\n return _cl ? _cl : 0;\n })()\n );\n const duration = Number(\n (() => {\n const _rt = res.get(\"x-response-time\");\n return _rt ? _rt : 0;\n })()\n );\n\n const billed_duration = Math.ceil(duration / 100) * 100; // billed duration is stepped by 100ms\n // request id from api gateway\n // const request_id = req.headers[\"x-request-id\"] as string;\n\n const metric: Log = {\n ip: ip,\n origin: origin,\n ua: ua,\n duration: duration,\n size: payload,\n at: timestamp,\n target: url,\n app: \"anonymous\",\n billed_duration,\n };\n\n systemlog(metric);\n // await log(metric);\n}\n\nfunction systemlog(request: Log) {\n console.log(request);\n}\n" }, { "path": "services/proxy.cors.sh/src/usage/type.ts", "content": "export type AppId = string | \"anonymous\" | \"official-demo\";\n\nexport interface CorsProxyApiRequest {\n /**\n * ip address of request client (could be server / app / web)\n */\n ip?: string;\n /**\n * compressed / raw user agent data of the request\n */\n ua?: string;\n\n /**\n * request origin from request headers\n */\n origin?: string;\n\n /**\n * target resource url\n */\n target?: string;\n /**\n * duration in ms\n */\n duration: number;\n /**\n * data payload\n */\n size: number;\n\n /**\n * request timestamp\n */\n at: Date;\n\n /**\n * the user/requester app\n */\n app: AppId;\n}\n\nexport interface CorsProxyApiRequestLog extends CorsProxyApiRequest {\n /**\n * unique id of the request\n */\n id: string;\n\n /**\n * billing duration in ms - ceils with 100ms\n */\n billed_duration: number;\n}\n" }, { "path": "services/proxy.cors.sh/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"preserveConstEnums\": true,\n \"strictNullChecks\": true,\n \"sourceMap\": false,\n \"allowJs\": true,\n \"strict\": false,\n \"target\": \"es5\",\n \"outDir\": \".build\",\n \"moduleResolution\": \"node\",\n \"lib\": [\"es2015\"],\n \"rootDir\": \"./\"\n }\n}\n" }, { "path": "services/readme.md", "content": "# service layers\n\n- proxy layer\n - contributes only to proxying the request.\n - shards part of the service layer db once a day.\n - uses dynamo db & takes full serverless approach.\n - handles millions of requests every hour.\n- service layer\n - contributes to authorization and subscriptions management.\n - uses mongodb\n - uess prisma\n - can be alted to ec2 instalce service.\n - handles few thousand requests every hour.\n\n## Shared keys\n\n- `JWT_SECRET` the jwt secret is shared accross services, the token issueing can be only done by the service layer, and the proxy layer can only verify the token.\n" }, { "path": "services/services.cors.sh/.gitignore", "content": ".build\n.webpack\n\n# we use yarn.\npackage-lock.json\n\n# env\n.env\n.env.staging\n.env.production\n.env.local\n.env.*.local" }, { "path": "services/services.cors.sh/app.ts", "content": "import express from \"express\";\nimport useragent from \"express-useragent\";\nimport cors from \"cors\";\nimport bodyParser from \"body-parser\";\nimport router from \"./routes\";\n\nfunction logErrors(err, req, res, next) {\n console.error(err.stack);\n next(err);\n}\n\nconst app = express();\n\napp.get(\"/\", (req, res) => {\n res.redirect(\"https://cors.sh\");\n});\n\napp.use(cors());\n\napp.use(\n bodyParser.urlencoded({\n extended: true,\n })\n);\n\napp.use(useragent.express());\n\napp.use(bodyParser.json());\n\napp.use(logErrors);\n\napp.use(router);\n\nexport { app };\n" }, { "path": "services/services.cors.sh/auth/index.ts", "content": "export * from \"./key\";\nexport * from \"./jwt\";\nexport * from \"./middleware\";\n" }, { "path": "services/services.cors.sh/auth/jwt.ts", "content": "import jwt from \"jsonwebtoken\";\n\nconst _SECRET = process.env.SERVICE_JWT_SECRET as string;\n\nexport interface ServiceUserSignature {\n type: \"customer\";\n service: \"cors.sh\";\n id: string;\n}\n\nexport function decode_jwt(token: string): ServiceUserSignature {\n return jwt.verify(token, _SECRET) as ServiceUserSignature;\n}\n\nexport function encode_jwt(service_user_id: string): string {\n const payload: ServiceUserSignature = {\n type: \"customer\",\n service: \"cors.sh\",\n id: service_user_id,\n };\n return jwt.sign(payload, _SECRET);\n}\n\nexport function verify(token: string) {\n const pl = jwt.verify(token, _SECRET) as ServiceUserSignature;\n if (pl.service == \"cors.sh\" && pl.type == \"customer\") {\n return pl.id;\n } else {\n throw new Error(\"invalid token\");\n }\n}\n" }, { "path": "services/services.cors.sh/auth/key.ts", "content": "export const SECURE_BROWSER_COOKIE_AUTH_KEY = \".cors.sh/auth-token\";\n" }, { "path": "services/services.cors.sh/auth/middleware.ts", "content": "import { verify } from \"./jwt\";\nimport { Request, Response } from \"express\";\nimport { prisma, stripe } from \"../clients\";\nimport { SECURE_BROWSER_COOKIE_AUTH_KEY } from \"./key\";\n\n// since the secure cookie cannot be forged, we have no additional validation on the jwt from client's secure http only cookie.\n// the possible hacking scenario is..\n// 1. the hacker steals the jwt secret (impossible, but somehow.)\n// 2. the hacker finds out the customer id of services.cors.sh\n// 3. the hacker sets the cookie with the jwt token, and the customer id.\n// - seems secure enough for now.\nexport async function authMiddleware(req: Request, res: Response, next) {\n const _1 = await standardAuthorizer(req);\n if (_1) {\n const { customer } = _1;\n res.locals.customer = customer;\n next();\n return;\n }\n\n const _2 = await checoutSessionAuthorizer(req);\n if (_2) {\n const { customer } = _2;\n res.locals.customer = customer;\n next();\n return;\n }\n\n return res.status(401).json({ error: \"Unauthorized\" });\n}\n\nasync function checoutSessionAuthorizer(req: Request) {\n const checkout_session_id = req.headers[\"x-cors-service-checkout-session-id\"];\n if (!checkout_session_id) {\n return false;\n }\n\n const checkout_session = await stripe.checkout.sessions.retrieve(\n checkout_session_id as string\n );\n\n const { customer: stripe_customer_id } = checkout_session;\n\n const customer = await prisma.customer.findUnique({\n where: {\n stripeId: stripe_customer_id as string,\n },\n });\n\n if (!customer) {\n return false;\n }\n\n return {\n customer,\n };\n}\n\nasync function standardAuthorizer(req: Request): Promise {\n const authorization = req.signedCookies?.[SECURE_BROWSER_COOKIE_AUTH_KEY];\n if (!authorization) {\n return false;\n }\n\n try {\n const customerid = verify(authorization);\n const customer = await prisma.customer.findUnique({\n where: {\n id: customerid,\n },\n });\n\n return {\n customer,\n };\n } catch (e) {\n return false;\n }\n}\n" }, { "path": "services/services.cors.sh/auth/readme.md", "content": "# service auth (not proxy.cors.sh api key auth)\n\n## .env\n\n```\n...\nSERVICE_JWT_SECRET=...\n...\n```\n" }, { "path": "services/services.cors.sh/clients/index.ts", "content": "export * from \"./prisma\";\nexport * from \"./stripe\";\nexport * from \"./ses\";\n" }, { "path": "services/services.cors.sh/clients/prisma.ts", "content": "import { PrismaClient } from \"@prisma/client\";\n\nexport const prisma = new PrismaClient();\n" }, { "path": "services/services.cors.sh/clients/ses.ts", "content": "import * as AWS from \"@aws-sdk/client-ses\";\n\nconst SENDER_EMAIL = \"no-reply@cors.sh\";\nconst ses = new AWS.SES({});\n\ninterface EmailBody_Raw {\n subject: string;\n text: string;\n}\n\ninterface EmailBody_Html {\n subject: string;\n html: string;\n}\n\ntype EmailContent = EmailBody_Raw | EmailBody_Html;\n\nexport function emailWithTemplate(to: string, template: string, data: object) {\n return ses.sendTemplatedEmail({\n Destination: {\n ToAddresses: [to],\n },\n Source: SENDER_EMAIL,\n Template: template,\n TemplateData: JSON.stringify(data),\n });\n}\n\nexport async function email(\n to: string,\n content: EmailContent\n): Promise {\n try {\n const sendResp = await ses.sendEmail({\n Destination: {\n ToAddresses: [to],\n },\n Source: SENDER_EMAIL,\n Message: {\n Subject: {\n Data: content.subject,\n },\n Body:\n \"text\" in content\n ? {\n Text: {\n Data: content.text,\n },\n }\n : {\n Html: {\n Data: content.html,\n },\n },\n },\n });\n } catch (error) {\n console.error(error);\n throw new Error(\"failed while sending email\");\n }\n return true;\n}\n" }, { "path": "services/services.cors.sh/clients/slack.ts", "content": "// send message to slack for telementry\n\nimport axios from \"axios\";\nconst token = process.env.SLACK_TOKEN;\nconst channel = process.env.SLACK_CHANNEL;\n\nexport const blocks = ({\n title,\n data,\n}: {\n title: string;\n data: { [key: string]: any };\n}) => {\n return [\n {\n type: \"section\",\n text: {\n type: \"mrkdwn\",\n text: `*${title}*`,\n },\n },\n ...Object.keys(data).reduce((acc, key) => {\n const value = data[key];\n if (value === undefined) {\n return acc;\n }\n\n const valuetext = pretty_value(value);\n const keytext = pretty_key(key);\n\n return [\n ...acc,\n {\n type: \"section\",\n text: {\n type: \"mrkdwn\",\n text: `${keytext}: ${valuetext}`,\n },\n },\n ];\n }, []),\n ];\n};\n\nconst pretty_value = (value: any) => {\n switch (typeof value) {\n case \"string\":\n return value;\n case \"number\":\n return value.toString();\n case \"object\":\n default:\n return JSON.stringify(value);\n }\n};\n\n/**\n * pretty print the key string\n *\n * - replace `_` and `-` with ` `\n * - capitalize the first letter\n *\n * e.g.\n * - total_users_so_far -> Total users so far\n */\nfunction pretty_key(key: string) {\n return key\n .replace(/_/g, \" \")\n .replace(/-/g, \" \")\n .replace(/^\\w/, (c) => c.toUpperCase());\n}\n\nexport function slack({ blocks }: { blocks: Array }) {\n return axios.post(\n \"https://slack.com/api/chat.postMessage\",\n {\n blocks: blocks,\n // env Channel Id\n channel: channel,\n },\n {\n headers: {\n // env TOKEN\n Authorization: `Bearer ${token}`,\n },\n }\n );\n}\n" }, { "path": "services/services.cors.sh/clients/stripe.ts", "content": "import { Stripe } from \"stripe\";\n\nexport const stripe = new Stripe(process.env.STRIPE_API_KEY, {\n apiVersion: \"2022-08-01\",\n});\n" }, { "path": "services/services.cors.sh/controllers/_telemetry.ts", "content": "import type { OnboardingApplications, Application } from \"@prisma/client\";\nimport { prisma } from \"../clients\";\nimport { slack, blocks } from \"../clients/slack\";\n\nexport async function logNewOnboardingProc(data: OnboardingApplications) {\n const total = await prisma.onboardingApplications.count();\n const { id, name, email } = data;\n const title = `New Onboarding Application`;\n const dataToLog = {\n name,\n email,\n total,\n };\n const message = blocks({ title, data: dataToLog });\n await slack({ blocks: message });\n}\n\nexport async function logNewApplication(data: Application) {\n const total = await prisma.application.count();\n const { name } = data;\n const title = `New Application`;\n const dataToLog = {\n name,\n total,\n };\n const message = blocks({ title, data: dataToLog });\n await slack({ blocks: message });\n}\n" }, { "path": "services/services.cors.sh/controllers/applications.ts", "content": "import { prisma, stripe, emailWithTemplate } from \"../clients\";\nimport { sign_live_key, sign_temporary_key, sign_test_key } from \"../keygen\";\nimport { nanoid } from \"nanoid\";\nimport type { Application, OnboardingApplications } from \"@prisma/client\";\nimport sync from \"../sync\";\nimport { logNewOnboardingProc, logNewApplication } from \"./_telemetry\";\n\ntype CreateOnboardingApplicationBody =\n | {\n type: \"with-form\";\n name: string;\n allowedOrigins: string[];\n priceId: string;\n }\n | {\n type: \"with-email\";\n email: string;\n };\n\nexport async function createOnboardingApplication(\n body: CreateOnboardingApplicationBody,\n send_onboarding_email_if_possible: boolean = true\n) {\n let email_available = false;\n let email: string;\n let name: string;\n let allowedOrigins: string[];\n let priceId: string;\n\n switch (body.type) {\n case \"with-email\": {\n email = body.email;\n name = \"My first cors.sh app\";\n email_available = true;\n break;\n }\n case \"with-form\": {\n email = `${nanoid(10)}@unknown-users.cors.sh`;\n name = body.name;\n allowedOrigins = body.allowedOrigins;\n priceId = body.priceId;\n break;\n }\n }\n\n const { key: tmpkey, expires_at } = sign_temporary_key();\n\n let data: OnboardingApplications;\n\n // check if email exists\n let duplicated: OnboardingApplications | null = null;\n if (email_available) {\n duplicated = await prisma.onboardingApplications.findUnique({\n where: { email: email },\n });\n }\n\n // if duplicated, update the existing one with the new key.\n if (duplicated) {\n // if the last interaction is within 5 minutes, ignore the request\n if (duplicated.updatedAt) {\n }\n data = await prisma.onboardingApplications.update({\n where: { id: duplicated.id },\n data: {\n // this will be renewed since the signature contains the expiration time\n key: tmpkey,\n },\n });\n } else {\n data = await prisma.onboardingApplications.create({\n data: {\n key: tmpkey,\n email: email,\n name: name,\n allowedOrigins: allowedOrigins ?? [],\n expiresAt: expires_at.toDate(),\n priceId,\n },\n });\n }\n\n if (email_available && send_onboarding_email_if_possible) {\n // send an email to the user\n const res = await sendOnboardingEmail(email, data);\n console.log(\"email sent\", res);\n }\n\n // log event to slack\n try {\n !duplicated && (await logNewOnboardingProc(data));\n } catch (e) {\n console.error(\"failed to log new onboarding application\", e); // not critical\n }\n\n return {\n id: data.id,\n // omit the key since it also works as a verification code for faster signup\n // key: \"omitted\"\n email: data.email,\n name: data.name,\n allowedOrigins: data.allowedOrigins,\n priceId: data.priceId,\n };\n}\n\nexport async function getOnboardingApplication(id: string) {\n return await prisma.onboardingApplications.findUnique({\n where: { id: id },\n select: {\n // omit private data\n id: true,\n name: true,\n email: true,\n allowedOrigins: true,\n priceId: true,\n createdAt: true,\n updatedAt: true,\n },\n });\n}\n\nasync function sendOnboardingEmail(\n email: string,\n application?: OnboardingApplications\n) {\n if (!application) {\n application = await prisma.onboardingApplications.findUnique({\n where: { email: email },\n });\n }\n\n if (!application) {\n return false;\n }\n\n const { key, emailSentAt } = application;\n\n // if the last interaction is within 1 minutes, ignore the request\n if (emailSentAt && emailSentAt.length > 0) {\n const lastSentAt = emailSentAt[emailSentAt.length - 1];\n if (lastSentAt) {\n const diff = new Date().getTime() - lastSentAt.getTime();\n if (diff < 60000) {\n return false;\n }\n }\n }\n\n // sls stage\n\n await emailWithTemplate(\n email,\n `mail_cors_sh_onboarding_${process.env.STAGE}`,\n {\n CODE: key,\n ONBOARDINGLINK: `https://cors.sh/onboarding/${application.id}`,\n }\n );\n\n // update the tmp app\n await prisma.onboardingApplications.update({\n where: { id: application.id },\n data: {\n emailSentAt: {\n push: new Date(),\n },\n },\n });\n\n return true;\n}\n\nexport async function signApplication(application: Application) {\n //\n const { key: apikey_test } = sign_test_key(application.signature_test);\n const { key: apikey_live } = sign_live_key(application.signature_live);\n\n const payload = {\n ...application,\n apikey_test,\n apikey_live,\n };\n\n return payload;\n}\n\nexport async function createApplication({\n id,\n name,\n allowedOrigins,\n owner,\n}: {\n id?: string;\n name: string;\n allowedOrigins?: string[];\n owner: { id: string };\n}) {\n const placeholder_test = nanoid(10);\n const placeholder_live = nanoid(10);\n\n const application = await prisma.application.create({\n data: {\n id: id,\n name: name,\n signature_test: placeholder_test,\n signature_live: placeholder_live,\n allowedOrigins: allowedOrigins ?? [],\n owner: {\n connect: {\n id: owner.id,\n },\n },\n },\n });\n\n const salt_test = nanoid(10);\n const salt_live = nanoid(10);\n const signature_test = application.id + salt_test;\n const signature_live = application.id + salt_live;\n\n const updated = await prisma.application.update({\n where: { id: application.id },\n data: {\n signature_test,\n signature_live,\n },\n });\n\n // once application is created and initially signed, sync to the keys table\n await sync(updated);\n\n return updated;\n}\n\nexport async function convertApplication({\n onboarding_id,\n checkout_session_id,\n}: {\n onboarding_id: string;\n checkout_session_id: string;\n}) {\n const checkout_session = await stripe.checkout.sessions.retrieve(\n checkout_session_id as string\n );\n\n const { customer: stripe_customer } = checkout_session;\n const stripe_customer_id =\n typeof stripe_customer === \"string\" ? stripe_customer : stripe_customer.id;\n\n const customer = await prisma.customer.findUnique({\n where: { stripeId: stripe_customer_id },\n });\n\n // place this right before application create since its a delete and cannot be undone. (reduce chance of error when it fails)\n const tmp = await prisma.onboardingApplications.delete({\n where: { id: onboarding_id as string },\n });\n\n const application = await createApplication({\n id: tmp.id,\n name: tmp.name || \"Untitled\",\n allowedOrigins: tmp.allowedOrigins,\n owner: { id: customer.id },\n });\n\n const signed = await signApplication(application);\n\n // once application is created and initially signed, sync to the keys table\n await sync(application);\n\n // send email to the user\n try {\n await emailWithTemplate(\n customer.email,\n `mail_cors_sh_onboarding_with_payment_success_${process.env.STAGE}`,\n {\n APPLICATIONNAME: tmp.name,\n CODE_LIVE: signed.apikey_live,\n CODE_TEST: signed.apikey_test,\n }\n );\n console.log(\"email sent\", true);\n // // set email verified to true?\n } catch (e) {\n console.error(\"email failed\", e);\n }\n\n // log event to slack\n try {\n await logNewApplication(signed);\n } catch (e) {\n console.error(\"failed to log new application\", e); // not critical\n }\n\n return application;\n}\n" }, { "path": "services/services.cors.sh/deploy/dev.sh", "content": "sls deploy --stage development \\\n --param=\"domain=false\" \\\n --param=\"service-keys-rcu=1\" \\\n --param=\"service-keys-wcu=1\"" }, { "path": "services/services.cors.sh/deploy/prod.sh", "content": "sls deploy --stage production \\\n --param=\"domain=true\" \\\n --param=\"service-keys-rcu=256\" \\\n --param=\"service-keys-wcu=4\"" }, { "path": "services/services.cors.sh/deploy/staging.sh", "content": "sls deploy --stage staging \\\n --param=\"domain=false\" \\\n --param=\"service-keys-rcu=1\" \\\n --param=\"service-keys-wcu=1\"" }, { "path": "services/services.cors.sh/index.ts", "content": "import { configure as serverlessExpress } from \"@codegenie/serverless-express\";\nimport { APIGatewayProxyHandler } from \"aws-lambda\";\n\nimport { app } from \"./app\";\n\nexport const handler: APIGatewayProxyHandler = serverlessExpress({ app });\n" }, { "path": "services/services.cors.sh/jest.config.js", "content": "// jest config - ts\nmodule.exports = {\n preset: \"ts-jest\",\n setupFiles: [\"/test/setup-tests.ts\"],\n};\n" }, { "path": "services/services.cors.sh/keygen/index.ts", "content": "import crypto from \"crypto\";\nimport day from \"dayjs\";\n\nconst API_KEY_TEMP_AES_KEY = process.env.API_KEY_TEMP_AES_KEY;\nconst _aes_key = Buffer.from(API_KEY_TEMP_AES_KEY, \"hex\");\nconst API_KEY_TEMP_AES_IV: string = process.env.API_KEY_TEMP_AES_IV!;\nconst _aes_iv = Buffer.from(API_KEY_TEMP_AES_IV, \"hex\");\n\nconst API_KEY_TEST_HASH_SECRET = process.env.API_KEY_TEST_HASH_SECRET;\nconst API_KEY_LIVE_HASH_SECRET = process.env.API_KEY_LIVE_HASH_SECRET;\n\nconst API_KEY_HASH_SECRET_BY_TYPE = {\n test: API_KEY_TEST_HASH_SECRET,\n live: API_KEY_LIVE_HASH_SECRET,\n} as const;\n\ninterface PermanentKey {\n signature: string;\n type: \"test\" | \"live\";\n}\n\nconst TMP_KEY_PREFIX = \"temp\";\nconst TEST_KEY_PREFIX = \"test\";\nconst LIVE_KEY_PREFIX = \"live\";\nconst TMP_KEY_EXP_IN_DAYS = 3;\n\nfunction test_key(signature: string): PermanentKey {\n return {\n signature,\n type: \"test\",\n };\n}\n\nfunction live_key(signature: string): PermanentKey {\n return {\n signature,\n type: \"live\",\n };\n}\n\nexport function sign_temporary_key() {\n const expires_at = day().add(TMP_KEY_EXP_IN_DAYS, \"day\");\n\n const token = expires_at.unix().toString();\n\n // convert to complex string with aes\n let cipher = crypto.createCipheriv(\"aes-256-cbc\", _aes_key, _aes_iv);\n\n // this may be considered as insecure. yes. it may be vulnerable to ciphertext attack,\n // even though it is fine because we have a rate-limit for temporary api keys and it does not have a clear usecase. for hackers to take benefits from this.\n let encrypted = cipher.update(token, \"utf8\", \"hex\") + cipher.final(\"hex\");\n\n return {\n key: prefix(\"temp\") + \"_\" + encrypted,\n expires_at,\n };\n}\n\nexport function sign(signature: string, type: \"test\" | \"live\") {\n switch (type) {\n case \"test\":\n return sign_test_key(signature);\n case \"live\":\n return sign_live_key(signature);\n }\n}\n\nexport function sign_test_key(signature: string) {\n const token = encrypt(test_key(signature), \"test\");\n return {\n key: prefix(\"test\") + \"_\" + token,\n token,\n };\n}\n\nexport function sign_live_key(signature: string) {\n const token = encrypt(live_key(signature), \"live\");\n\n return {\n key: prefix(\"live\") + \"_\" + token,\n token,\n };\n}\n\n//\n// migrate this to cors.sh\nexport function validate_jwt(token: string) {\n if (token.startsWith(TMP_KEY_PREFIX)) {\n //\n } else if (token.startsWith(TEST_KEY_PREFIX)) {\n //\n } else if (token.startsWith(LIVE_KEY_PREFIX)) {\n //\n } else {\n throw \"Invalid token format\";\n }\n}\n\nfunction prefix(type: \"test\" | \"live\" | \"temp\") {\n switch (type) {\n case \"test\":\n return TEST_KEY_PREFIX;\n case \"live\":\n return LIVE_KEY_PREFIX;\n case \"temp\":\n return TMP_KEY_PREFIX;\n }\n}\n\nfunction encrypt(data: string | object, type: \"test\" | \"live\") {\n const key = API_KEY_HASH_SECRET_BY_TYPE[type];\n const hmac = crypto.createHmac(\"sha256\", key);\n hmac.update(JSON.stringify(data));\n return hmac.digest(\"hex\");\n}\n" }, { "path": "services/services.cors.sh/package.json", "content": "{\n \"name\": \"@cors.sh/service-layer\",\n \"version\": \"0.0.0\",\n \"description\": \"CORS.SH's service layer for managing api keys & subscription\",\n \"homepage\": \"https://cors.sh\",\n \"scripts\": {\n \"prisma:format\": \"npx prisma format\",\n \"prisma:studio\": \"npx prisma studio\",\n \"prisma:generate\": \"npx prisma generate\",\n \"prisma:generate:watch\": \"npx prisma generate --watch\",\n \"postinstall\": \"npm run prisma:generate && npm run prisma:format\",\n \"db:push\": \"npx prisma db push\",\n \"clean\": \"rimraf .build\",\n \"dev\": \"sls offline start --stage development\",\n \"deploy:staging\": \"yarn clean && source ./deploy/staging.sh\",\n \"deploy:prod\": \"yarn clean && yarn db:push && source ./deploy/prod.sh\",\n \"deploy:dev\": \"yarn clean && yarn db:push && source ./deploy/dev.sh\",\n \"package\": \"sls package --stage development\",\n \"sls:ses-template:deply\": \"sls ses-template deploy --stage development\",\n \"test\": \"jest\"\n },\n \"dependencies\": {\n \"@aws-sdk/client-ses\": \"^3.163.0\",\n \"@codegenie/serverless-express\": \"^4.16.0\",\n \"@prisma/client\": \"^4.8.0\",\n \"axios\": \"^1.2.2\",\n \"body-parser\": \"^1.20.0\",\n \"cors\": \"^2.8.5\",\n \"dayjs\": \"^1.11.5\",\n \"express\": \"^4.18.1\",\n \"express-useragent\": \"^1.0.15\",\n \"jsonwebtoken\": \"^8.5.1\",\n \"multer\": \"^1.4.4\",\n \"nanoid\": \"^3.3.3\",\n \"reading-time\": \"^1.5.0\",\n \"serverless-http\": \"^3.0.1\",\n \"stripe\": \"^10.7.0\"\n },\n \"devDependencies\": {\n \"@haftahave/serverless-ses-template\": \"^4.0.5\",\n \"@types/aws-lambda\": \"^8.10.95\",\n \"@types/body-parser\": \"^1.19.2\",\n \"@types/cors\": \"^2.8.12\",\n \"@types/express\": \"^4.17.13\",\n \"@types/jest\": \"^29.2.5\",\n \"@types/jsonwebtoken\": \"^8.5.9\",\n \"@types/multer\": \"^1.4.7\",\n \"@types/node\": \"^17.0.29\",\n \"jest\": \"^29.3.1\",\n \"rimraf\": \"^3.0.2\",\n \"serverless\": \"^3.17.0\",\n \"serverless-domain-manager\": \"^6.0.3\",\n \"serverless-offline\": \"^8.7.0\",\n \"serverless-webpack\": \"^5.15.1\",\n \"serverless-webpack-prisma\": \"^1.1.0\",\n \"ts-jest\": \"^29.0.3\",\n \"ts-loader\": \"^9.3.0\",\n \"typescript\": \"^5.8.2\",\n \"webpack\": \"^5.72.1\",\n \"webpack-node-externals\": \"^3.0.0\"\n }\n}\n" }, { "path": "services/services.cors.sh/prisma/schema.prisma", "content": "// This is your Prisma schema file,\n// learn more about it in the docs: https://pris.ly/d/prisma-schema\n\ndatasource db {\n provider = \"mongodb\"\n url = env(\"DATABASE_URL\")\n}\n\ngenerator client {\n provider = \"prisma-client-js\"\n binaryTargets = [\"native\", \"rhel-openssl-1.0.x\"]\n}\n\nmodel Application {\n id String @id @default(auto()) @map(\"_id\") @db.ObjectId\n name String @default(\"Untitled\")\n allowedOrigins String[]\n allowedTargets String[]\n\n owner Customer @relation(fields: [ownerId], references: [id])\n ownerId String @db.ObjectId\n\n archivedAt DateTime?\n createdAt DateTime @default(now())\n\n // follows the user's plan + 1Mo\n // if user is using a monthly plan, it will be now + 2Mo (initially)\n // everytime the subscription is renewed, it will be end date + 1Mo\n expiresAt DateTime?\n\n // signature for live api key\n signature_live String @unique\n // signature for test api key\n signature_test String @unique\n\n @@map(\"applications\")\n}\n\nmodel OnboardingApplications {\n id String @id @default(auto()) @map(\"_id\") @db.ObjectId\n email String @unique\n name String?\n allowedOrigins String[] @default([])\n priceId String?\n key String @unique\n emailSentAt DateTime[] @default([])\n createdAt DateTime @default(now())\n updatedAt DateTime @updatedAt\n\n // now + n hours\n expiresAt DateTime\n\n @@map(\"applications_onboarding\")\n}\n\n// grida workspace <> stripe customer\nmodel Customer {\n id String @id @default(auto()) @map(\"_id\") @db.ObjectId\n email String @unique\n emailVerified Boolean @default(false)\n stripeId String @unique\n // grida workspace (user) id\n // workspaceId String @unique\n // subscriptions Subscription[]\n applications Application[]\n createdAt DateTime @default(now())\n\n @@map(\"customers\")\n}\n\n// model Subscription {\n// @@map(\"subscriptions\")\n// id String @id @default(auto()) @map(\"_id\") @db.ObjectId\n// customer Customer @relation(fields: [customerId], references: [id])\n// customerId String @db.ObjectId\n// // stripe subscription id\n// subscriptionId String @unique\n// // price id from stripe (product is not saved in db.)\n// priceId String\n\n// createdAt DateTime @default(now())\n// }\n" }, { "path": "services/services.cors.sh/routes/applications/index.ts", "content": "import { Application } from \"@prisma/client\";\nimport * as express from \"express\";\nimport { prisma } from \"../../clients\";\nimport {\n createApplication,\n signApplication,\n} from \"../../controllers/applications\";\n\nconst router = express.Router();\n\n// list all my applications\nrouter.get(\"/\", async (req, res) => {\n const applications = await prisma.application.findMany({\n where: {\n ownerId: res.locals.customer.id,\n },\n });\n\n res.json(applications);\n});\n\n// get a single application\nrouter.get(\"/:id\", async (req, res) => {\n console.info(\"fething application securely\", {\n id: req.params.id,\n customer: res.locals.customer,\n });\n const id = req.params.id;\n const application = await prisma.application.findUnique({\n where: {\n id: id,\n },\n });\n\n console.info(\"fetched application\", application);\n\n if (!application) {\n return res.status(404).json({ error: \"application not found\" });\n }\n\n if (application.ownerId !== res.locals.customer.id) {\n return res.status(403).json({ error: \"application not found\" });\n }\n\n const signed = await signApplication(application);\n\n res.json(msak(signed));\n});\n\n// create a new application\nrouter.post(\"/\", async (req, res) => {\n //\n const { name } = req.body;\n\n const app = await createApplication({\n name,\n owner: res.locals.customer,\n });\n\n const signed = await signApplication(app);\n\n res.json(msak(signed));\n});\n\nrouter.put(\"/:id\", async (req, res) => {\n const id = req.params.id;\n await prisma.application.update({\n where: {\n id: id,\n },\n data: {\n ...req.body,\n },\n });\n\n res.json({ success: true }); // or.. updated body?\n});\n\nfunction msak(\n signed: Application & {\n apikey_test: string;\n apikey_live: string;\n }\n) {\n return {\n id: signed.id,\n name: signed.name,\n allowedOrigins: signed.allowedOrigins,\n allowedTargets: signed.allowedTargets,\n // available once\n apikey_test: signed.apikey_test,\n apikey_live: signed.apikey_live,\n };\n}\n\nexport default router;\n" }, { "path": "services/services.cors.sh/routes/auth/index.ts", "content": "import * as express from \"express\";\nimport Axios from \"axios\";\nimport { prisma } from \"../../clients\";\nimport { encode_jwt, SECURE_BROWSER_COOKIE_AUTH_KEY } from \"../../auth\";\n\nconst router = express.Router();\n\nconst authclient = Axios.create({\n baseURL: \"https://accounts.services.grida.co\",\n});\n\n// user signin with grida, retrieve oauth token from grida, sends it here,\n// this service will check the token, if valid, it will generate a new token for the user,\n// and send it back to the client with secure, http only cookie.\nrouter.post(\"signin\", async (req, res) => {\n const authorization = req.headers[\"proxy-authorization\"];\n if (!authorization) {\n res.status(401).json({ error: \"no authorization header\" });\n return;\n }\n\n // authenticate via accounts.grida.co\n // request auth server for authentication.\n const { data } = await authclient.get(\"/verify\", {\n headers: {\n // proxy the header, in form of \"Bearer \"\n authorization,\n },\n });\n\n const customer = await prisma.customer.findUnique({\n // @ts-ignore\n where: {\n // workspaceId: data.id,\n },\n });\n\n // sign customer (user) signature\n const jwt = encode_jwt(customer.id);\n\n // set secure cookie when authorized.\n res\n .cookie(SECURE_BROWSER_COOKIE_AUTH_KEY, jwt, {\n signed: true,\n domain: \".cors.sh\",\n secure: true,\n httpOnly: true,\n sameSite: \"strict\",\n // no expiration. it is a secure cookie, that only has access to cors.sh. let's keep it this way for now.\n // expires: null\n })\n .json({\n success: true,\n customer: customer,\n });\n});\n\nexport default router;\n" }, { "path": "services/services.cors.sh/routes/index.ts", "content": "import * as express from \"express\";\nimport router_payments from \"./payments\";\nimport router_stripe_webhooks from \"./webhooks-stripe\";\nimport router_applications from \"./applications\";\nimport router_onboarding from \"./onboarding\";\nimport router_auth from \"./auth\";\nimport cors from \"cors\";\nimport { authMiddleware } from \"../auth\";\n\nconst router = express.Router();\n\nconst cors_website_only = cors({\n origin: process.env.NODE_ENV === \"production\" ? \"https://cors.sh\" : \"*\",\n});\n\n// router.use(\"/\", router_posts);\nrouter.use(\"/auth\", cors_website_only, router_auth);\nrouter.use(\"/payments\", router_payments);\nrouter.use(\"/webhooks/stripe\", router_stripe_webhooks);\nrouter.use(\n \"/applications\",\n cors_website_only,\n authMiddleware,\n router_applications\n);\nrouter.use(\"/onboarding\", cors_website_only, router_onboarding);\n\nexport default router;\n" }, { "path": "services/services.cors.sh/routes/onboarding/index.ts", "content": "import * as express from \"express\";\nimport {\n getOnboardingApplication,\n createOnboardingApplication,\n convertApplication,\n} from \"../../controllers/applications\";\n\nconst router = express.Router();\n\nconst blacklist = [\n \"nqmo.com\",\n \"qabq.com\",\n \"mailinator.com\",\n \"10minutemail.com\",\n \"guerrillamail.com\",\n \"temp-mail.org\",\n \"yopmail.com\",\n \"throwawaymail.com\",\n \"dispostable.com\",\n \"getnada.com\",\n \"maildrop.cc\",\n \"pastryofistanbul.com\",\n \"litepax.com\",\n \"raleigh-construction.com\",\n \"questtechsystems.com\",\n \"teihu.com\",\n \"oakon.com\",\n \"namestal.com\"\n];\n\n// create\nrouter.post(\"/with-email\", async (req, res) => {\n // create new temporary application bind to the email (form is optional)\n\n const { email } = req.body;\n\n // @requires: email\n if (!email) {\n return res.status(400).json({ error: \"email is required\" });\n }\n\n //\n if (blacklist.some((d) => email.includes(d))) {\n return res.status(400).json({ error: \"bad email - do not hack us.\" });\n }\n\n const d = await createOnboardingApplication({\n type: \"with-email\",\n email,\n });\n\n res.status(201).json(d);\n});\n\nrouter.post(\"/with-form\", async (req, res) => {\n // create new temporary application bind to the form (email is optional)\n\n const { name, allowedOrigins, priceId } = req.body;\n\n const d = await createOnboardingApplication({\n type: \"with-form\",\n name,\n allowedOrigins,\n priceId,\n });\n\n res.status(201).json(d);\n});\n\nrouter.get(\"/:id\", async (req, res) => {\n // this route does not have a guard by design.\n // get onboarding application (only public data)\n const { id } = req.params;\n\n const d = await getOnboardingApplication(id);\n\n if (!d) {\n return res.status(404).json({ error: \"application not found\" });\n }\n\n res.status(200).json(d);\n});\n\n// conversion\nrouter.post(\"/:id/convert\", async (req, res) => {\n const { id: onboarding_id } = req.params;\n const { checkout_session_id } = req.body;\n\n const application = await convertApplication({\n onboarding_id,\n checkout_session_id,\n });\n\n res.status(201).json(application);\n});\n\nexport default router;\n" }, { "path": "services/services.cors.sh/routes/payments/index.ts", "content": "import type { Customer } from \"@prisma/client\";\nimport * as express from \"express\";\nimport { prisma, stripe } from \"../../clients\";\nimport { getOnboardingApplication } from \"../../controllers/applications\";\n\nconst router = express.Router();\n\nconst WEBHOST = process.env.WEBHOST;\nconst WEBURL_CONSOLE = WEBHOST + \"/console\";\nconst PROTOCOL = process.env.NODE_ENV === \"production\" ? \"https\" : \"http\";\n// e.g.\n// http://localhost:4021/payments/checkout/new?price=price_1Lda7UAvR3geCh5rVaajCSw6&onboarding_id=63b9a40c02478a88364d7202\nrouter.get(\"/checkout/new\", async (req, res) => {\n const host = req.headers.host;\n\n const { onboarding_id: _q_onboarding } = req.query;\n\n const onboarding = await getOnboardingApplication(_q_onboarding as string);\n\n if (!onboarding) {\n return res.status(400).json({ error: \"invalid session\" });\n }\n\n const { priceId } = onboarding;\n\n const price = await stripe.prices.retrieve(priceId, {\n expand: [\"product\"],\n });\n\n const extra_params = new URLSearchParams({\n onboarding_id: _q_onboarding as string,\n });\n\n const session = await stripe.checkout.sessions.create({\n billing_address_collection: \"auto\",\n line_items: [\n {\n price: price.id,\n // For metered billing, do not pass quantity\n quantity: 1,\n },\n ],\n mode: \"subscription\",\n // e.g. http://localhost:8823/?success=true&session_id=cs_test_a1qQdhxwfS5kKZJ1kToxKqAr2K6yHneucfi65lIs1OPVkmoH14YNAev76S\n success_url: `${PROTOCOL}://${host}/payments/success?session_id={CHECKOUT_SESSION_ID}&${extra_params}`,\n cancel_url: `${PROTOCOL}://${host}/payments/canceled?session_id={CHECKOUT_SESSION_ID}&${extra_params}`,\n });\n\n res.redirect(303, session.url);\n});\n\nrouter.get(\"/success\", async (req, res) => {\n const { session_id, onboarding_id } = req.query;\n\n const checkout_session = await stripe.checkout.sessions.retrieve(\n session_id as string\n );\n\n const {\n customer: stripe_customer_id,\n customer_email, // can be null if created on checkout page (unless explicitly specified by our side.)\n customer_details,\n subscription,\n } = checkout_session;\n\n // on success, convert onboarding app to a real app (and remove the temporary app)\n // (if user has one.)\n\n // remove\n const tmp = await prisma.onboardingApplications.findUnique({\n where: { id: onboarding_id as string },\n });\n\n // if onboarding's email is placeholded. get email from checkout via stripe\n const email = tmp.email.endsWith(\"@unknown-users.cors.sh\")\n ? customer_email ?? customer_details.email\n : tmp.email;\n\n // create customer\n // TODO: what if already exists?\n\n let customer_exists_with_same_email: Customer;\n try {\n customer_exists_with_same_email = await prisma.customer.findUnique({\n where: { email },\n });\n } catch (e) {\n console.error(\"Caught exeption while finding existing customer\", e);\n }\n\n if (customer_exists_with_same_email) {\n // TODO: we'll need a better way to handle this since we need to test this with same email multiple times.\n // we can't tell if the purchase is for the same user or not.\n // yet, if the existing one is verified, we should protect it.\n // if not, we should give the new one a chance.\n const params = new URLSearchParams({\n error: \"identity_conflict\",\n message:\n \"Your payment was successful, but we detected a suspicious activity. Please contact customer support.\",\n session_id: session_id as string,\n onboarding_id: tmp.id,\n application_id: tmp.id,\n });\n const redirect_uri = `${WEBHOST}/onboarding/payment-success-with-issue?${params.toString()}`;\n res.redirect(303, redirect_uri);\n } else {\n const customer = await prisma.customer.create({\n data: {\n stripeId: stripe_customer_id as string,\n email: email,\n emailVerified: false,\n },\n });\n\n const _params = {\n session_id: session_id as string,\n onboarding_id: tmp?.id,\n customer_id: customer.id,\n application_id: tmp.id,\n };\n // prettier-ignore\n Object.keys(_params).forEach((key) => _params[key] === undefined ? delete _params[key] : {});\n\n const params = new URLSearchParams(_params);\n\n const redirect_uri = `${WEBHOST}/onboarding/payment-success?${params.toString()}`;\n\n res.redirect(303, redirect_uri);\n }\n});\n\nrouter.get(\"/canceled\", async (req, res) => {\n // remove the temporary app\n const { session_id, onboarding_id } = req.query;\n\n res.redirect(303, `https://cors.sh/`);\n});\n\nrouter.post(\"/portal-session\", async (req, res) => {\n // For demonstration purposes, we're using the Checkout session to retrieve the customer ID.\n // Typically this is stored alongside the authenticated user in your database.\n const { session_id } = req.body;\n const checkoutSession = await stripe.checkout.sessions.retrieve(session_id);\n\n // This is the url to which the customer will be redirected when they are done\n // managing their billing with the portal.\n const returnUrl = WEBURL_CONSOLE;\n\n const portalSession = await stripe.billingPortal.sessions.create({\n customer: checkoutSession.customer as string,\n return_url: returnUrl,\n });\n\n res.redirect(303, portalSession.url);\n});\n\nexport default router;\n" }, { "path": "services/services.cors.sh/routes/payments/readme.md", "content": "# Payments with stripe\n\n## About\n\nThis subscirption checkout follows instruction from https://stripe.com/docs/billing/quickstart which uses the checkout api, webhooks and customer portal for subscription management. Most of the service relies on stripe's built in features.\n\n## Setting up webhook\n\n**Local testing (manual trigger)**\n\n[Install stripe cli](https://stripe.com/docs/stripe-cli)\n\n```bash\nbrew install stripe/stripe-cli/stripe\n```\n\nFollow the instructions at https://dashboard.stripe.com/webhooks/create?endpoint_location=local\n\n```bash\nstripe login\nstripe listen --forward-to localhost:4242/webhook\nstripe trigger payment_intent.succeeded # or other event as you want\n```\n\n**Local testing (production testing)**\n\nSetup ngrok to proxy request & register webhook at https://dashboard.stripe.com/webhooks/create?endpoint_location=hosted\n" }, { "path": "services/services.cors.sh/routes/webhooks-stripe/index.ts", "content": "import * as express from \"express\";\nimport { stripe } from \"../../clients\";\n\nconst router = express.Router();\n\nrouter.post(\n /**\n * /webhooks/stripe - defined in routes/index.ts\n */\n \"/\",\n express.raw({ type: \"application/json\" }),\n (request, response) => {\n let event = request.body;\n // Replace this endpoint secret with your endpoint's unique secret\n // If you are testing with the CLI, find the secret by running 'stripe listen'\n // If you are using an endpoint defined with the API or dashboard, look in your webhook settings\n // at https://dashboard.stripe.com/webhooks\n const endpointSecret = process.env.STRIPE_WEBHOOK_SECRET;\n // Only verify the event if you have an endpoint secret defined.\n // Otherwise use the basic event deserialized with JSON.parse\n if (endpointSecret) {\n // Get the signature sent by Stripe\n const signature = request.headers[\"stripe-signature\"];\n try {\n event = stripe.webhooks.constructEvent(\n request.body,\n signature,\n endpointSecret\n );\n } catch (err) {\n console.log(`โš ๏ธ Webhook signature verification failed.`, err.message);\n return response.sendStatus(400);\n }\n }\n let subscription;\n let status;\n // Handle the event\n switch (event.type) {\n case \"customer.subscription.trial_will_end\":\n subscription = event.data.object;\n status = subscription.status;\n console.log(`Subscription status is ${status}.`);\n // Then define and call a method to handle the subscription trial ending.\n // handleSubscriptionTrialEnding(subscription);\n break;\n case \"customer.subscription.deleted\":\n subscription = event.data.object;\n status = subscription.status;\n console.log(`Subscription status is ${status}.`);\n // Then define and call a method to handle the subscription deleted.\n // handleSubscriptionDeleted(subscriptionDeleted);\n break;\n case \"customer.subscription.created\":\n subscription = event.data.object;\n status = subscription.status;\n console.log(`Subscription status is ${status}.`);\n // Then define and call a method to handle the subscription created.\n // handleSubscriptionCreated(subscription);\n break;\n case \"customer.subscription.updated\":\n subscription = event.data.object;\n status = subscription.status;\n console.log(`Subscription status is ${status}.`);\n // Then define and call a method to handle the subscription update.\n // handleSubscriptionUpdated(subscription);\n break;\n default:\n // Unexpected event type\n console.log(`Unhandled event type ${event.type}.`);\n }\n // Return a 200 response to acknowledge receipt of the event\n response.send();\n }\n);\n\nexport default router;\n" }, { "path": "services/services.cors.sh/scripts/aes-256-cbc-creds.js", "content": "// used for generating AES-256-CBC credentials. which is used for generating temp api codes\n\nconst crypto = require(\"crypto\");\n\n// Generate a 256-bit (32-byte) key\nconst key = crypto.randomBytes(32);\nconsole.log(\"Key:\", key.toString(\"hex\"));\n\n// Generate a 128-bit (16-byte) IV\nconst iv = crypto.randomBytes(16);\nconsole.log(\"IV:\", iv.toString(\"hex\"));\n" }, { "path": "services/services.cors.sh/serverless.yml", "content": "service: cors-proxy-service\nuseDotenv: true\nplugins:\n - serverless-webpack\n - serverless-webpack-prisma\n - serverless-offline\n - serverless-domain-manager\n - \"@haftahave/serverless-ses-template\"\n\ncustom:\n customDomain:\n domainName: services.cors.sh\n certificateName: \"services.cors.sh\"\n basePath: \"\"\n createRoute53Record: false\n stage: production\n # enabled only for production - configured by package.json script with --domain flag.\n enabled: ${param:domain, false}\n sesTemplates:\n addStage: true\n serverless-offline:\n httpPort: 4021\n lambdaPort: 3021\n noPrependStageInUrl: true\n webpack:\n includeModules: true\n \n\nprovider:\n name: aws\n runtime: nodejs14.x\n region: us-west-1\n environment:\n DATABASE_URL: ${env:DATABASE_URL}\n STRIPE_API_KEY: ${env:STRIPE_API_KEY}\n STRIPE_WEBHOOK_SECRET: ${env:STRIPE_WEBHOOK_SECRET}\n WEBHOST: ${env:WEBHOST}\n API_KEY_TEMP_AES_KEY: ${env:API_KEY_TEMP_AES_KEY}\n API_KEY_TEMP_AES_IV: ${env:API_KEY_TEMP_AES_IV}\n API_KEY_TEST_HASH_SECRET: ${env:API_KEY_TEST_HASH_SECRET}\n API_KEY_LIVE_HASH_SECRET: ${env:API_KEY_LIVE_HASH_SECRET}\n SERVICE_JWT_SECRET: ${env:SERVICE_JWT_SECRET}\n SLACK_CHANNEL: ${env:SLACK_CHANNEL}\n SLACK_TOKEN: ${env:SLACK_TOKEN}\n DYNAMODB_TABLE_SERVICE_KEYS: \"${self:service}-keys-${opt:stage, self:provider.stage}\"\n STAGE: ${opt:stage, self:provider.stage}\n apiGateway:\n # https://stackoverflow.com/questions/61003311/serverless-i-image-upload-to-s3-broken-after-deploy-local-worked-only/61003498#61003498\n binaryMediaTypes:\n - \"*/*\"\n iamRoleStatements:\n # email with ses\n - Effect: Allow\n Action:\n - ses:SendEmail\n - ses:SendTemplatedEmail\n Resource: \"*\"\n - Effect: Allow\n Action:\n - dynamodb:Query\n - dynamodb:Scan\n - dynamodb:GetItem\n - dynamodb:PutItem\n - dynamodb:UpdateItem\n - dynamodb:DeleteItem\n - dynamodb:DescribeTable\n Resource: \"arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE_SERVICE_KEYS}\"\n\nresources:\n Resources:\n serviceKeysTable:\n Type: AWS::DynamoDB::Table\n Properties:\n TableName: \"${self:provider.environment.DYNAMODB_TABLE_SERVICE_KEYS}\"\n AttributeDefinitions:\n - AttributeName: key\n AttributeType: S\n KeySchema:\n - AttributeName: key\n KeyType: HASH\n ProvisionedThroughput:\n # $0.000145 per RCU\n ReadCapacityUnits: ${param:service-keys-rcu, 1}\n # $0.000725 per WCU\n WriteCapacityUnits: ${param:service-keys-wcu, 1}\n\nfunctions:\n main:\n handler: index.handler\n events:\n - http:\n method: any\n path: /{proxy+}\n cors:\n origin: \"*\"\n - http:\n method: get\n path: /\n cors:\n origin: \"*\"\n\npackage:\n individually: true\n" }, { "path": "services/services.cors.sh/ses-email-templates/index.js", "content": "const fs = require(\"fs\");\nconst path = require(\"path\");\n\nconst dir = path.join(__dirname, \"../../mail.cors.sh\", \"render\");\nconst templates = fs\n .readdirSync(dir)\n // list files ending with .template.html\n .filter((file) => file.endsWith(\".template.html\"));\n\nconst prefix = \"mail_cors_sh_\";\n\nmodule.exports = async (serverless, options) =>\n templates.map((file) => {\n const fname = file.replace(\".template.html\", \"\");\n const name = prefix + fname;\n const subject = fs.readFileSync(path.join(dir, `${fname}.subject`), \"utf8\");\n const html = fs.readFileSync(path.join(dir, file), \"utf8\");\n return { name, subject, html };\n });\n" }, { "path": "services/services.cors.sh/sync/index.ts", "content": "import AWS from \"aws-sdk\";\nimport * as keygen from \"../keygen\";\nimport type { KeyInfo } from \"./type\";\nimport type { Application } from \"@prisma/client\";\nimport day from \"dayjs\";\n\nconst db = new AWS.DynamoDB.DocumentClient();\n\nexport default async function sync(application: Application) {\n const { id, signature_live, signature_test, allowedOrigins, allowedTargets } =\n application;\n\n // TODO: we are using application.id as the billing group, but we should\n // use the subscription id instead (in the future)\n const billing_group = id;\n\n const data = {\n // TODO: get plan data\n // for now, fixing it as \"2023.t1\", which is the pro plan\n plan: \"2023.t1\",\n allowedOrigins,\n allowedTargets,\n };\n\n // TODO: get subscription data. to calculate expires_at\n // for now, we are givving all keys a 3 year expiry\n const expires_at = day().add(3, \"year\").unix();\n\n // test\n sync_record(signature_test, \"test\", billing_group, expires_at, data);\n\n // live\n sync_record(signature_live, \"live\", billing_group, expires_at, data);\n}\n\nfunction sync_record(\n signature: string,\n type: \"live\" | \"test\",\n billing_group: string,\n expires_at: number,\n data: {\n plan: string;\n allowedOrigins: string[];\n allowedTargets: string[];\n }\n) {\n const record: KeyInfo = {\n key: keygen.sign(signature, type).token,\n plan: data.plan,\n config: {\n allowed_origins: data.allowedOrigins,\n allowed_targets: data.allowedTargets,\n },\n active: true,\n billing_group,\n expires_at,\n synced_at: day().unix(),\n };\n\n // write to db\n return db\n .put({\n TableName: process.env.DYNAMODB_TABLE_SERVICE_KEYS!,\n Item: record,\n })\n .promise();\n}\n\nexport async function activate(id: string, active: boolean) {\n // update \"active\" field of the key\n // write to db\n\n return db.update({\n TableName: process.env.DYNAMODB_TABLE_SERVICE_KEYS!,\n Key: {\n id,\n },\n UpdateExpression: \"set active = :active\",\n ExpressionAttributeValues: {\n \":active\": active,\n },\n });\n}\n" }, { "path": "services/services.cors.sh/sync/type.ts", "content": "// shared db\nexport interface KeyInfo {\n key: string;\n plan: string;\n config: {\n allowed_origins: string[];\n allowed_targets: string[];\n };\n active: boolean;\n billing_group: string;\n expires_at: number;\n synced_at: number;\n}\n" }, { "path": "services/services.cors.sh/test/config.env.test", "content": "API_KEY_TEMP_OTP_SECRET=\"test\"" }, { "path": "services/services.cors.sh/test/setup-tests.ts", "content": "import dotenv from \"dotenv\";\n\ndotenv.config({ path: \"./config.env.test\" });\n" }, { "path": "services/services.cors.sh/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"module\": \"commonjs\",\n \"declaration\": true,\n \"noImplicitAny\": false,\n \"removeComments\": true,\n \"noLib\": false,\n \"esModuleInterop\": true,\n \"allowSyntheticDefaultImports\": true,\n \"emitDecoratorMetadata\": true,\n \"experimentalDecorators\": true,\n \"target\": \"es6\",\n \"sourceMap\": true,\n \"outDir\": \"./dist\",\n \"baseUrl\": \".\",\n \"typeRoots\": [\"./node_modules/@types\"]\n },\n \"exclude\": [\"node_modules\", \"dist\"]\n}\n" }, { "path": "services/services.cors.sh/webpack.config.js", "content": "/* eslint-disable @typescript-eslint/no-var-requires */\nconst path = require(\"path\");\nconst nodeExternals = require(\"webpack-node-externals\");\nconst slsw = require(\"serverless-webpack\");\nconst { isLocal } = slsw.lib.webpack;\n\nmodule.exports = {\n target: \"node\",\n stats: \"normal\",\n entry: slsw.lib.entries,\n externals: [nodeExternals()],\n mode: isLocal ? \"development\" : \"production\",\n optimization: { concatenateModules: false },\n resolve: { extensions: [\".js\", \".ts\"] },\n module: {\n rules: [\n {\n test: /\\.tsx?$/,\n loader: \"ts-loader\",\n exclude: /node_modules/,\n },\n ],\n },\n output: {\n libraryTarget: \"commonjs\",\n filename: \"[name].js\",\n path: path.resolve(__dirname, \".webpack\"),\n },\n};\n" }, { "path": "web/.eslintrc.json", "content": "{\n \"extends\": \"next/core-web-vitals\"\n}\n" }, { "path": "web/.gitignore", "content": "# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.\n\n# dependencies\n/node_modules\n/.pnp\n.pnp.js\n.yarn/install-state.gz\n\n# testing\n/coverage\n\n# next.js\n/.next/\n/out/\n\n# production\n/build\n\n# misc\n.DS_Store\n*.pem\n\n# debug\nnpm-debug.log*\nyarn-debug.log*\nyarn-error.log*\n\n# local env files\n.env*.local\n\n# vercel\n.vercel\n\n# typescript\n*.tsbuildinfo\nnext-env.d.ts\n" }, { "path": "web/README.md", "content": "This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/vercel/next.js/tree/canary/packages/create-next-app).\n\n## Getting Started\n\nFirst, run the development server:\n\n```bash\nnpm run dev\n# or\nyarn dev\n# or\npnpm dev\n# or\nbun dev\n```\n\nOpen [http://localhost:3000](http://localhost:3000) with your browser to see the result.\n\nYou can start editing the page by modifying `app/page.tsx`. The page auto-updates as you edit the file.\n\nThis project uses [`next/font`](https://nextjs.org/docs/basic-features/font-optimization) to automatically optimize and load Inter, a custom Google Font.\n\n## Learn More\n\nTo learn more about Next.js, take a look at the following resources:\n\n- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.\n- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.\n\nYou can check out [the Next.js GitHub repository](https://github.com/vercel/next.js/) - your feedback and contributions are welcome!\n\n## Deploy on Vercel\n\nThe easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.\n\nCheck out our [Next.js deployment documentation](https://nextjs.org/docs/deployment) for more details.\n" }, { "path": "web/app/(console)/console/[id]/page.tsx", "content": "'use client'\nimport React, { useEffect } from \"react\";\nimport styled from \"@emotion/styled\";\nimport { Pencil1Icon } from \"@radix-ui/react-icons\";\nimport client, { ApplicationWithApiKey } from \"@cors.sh/service-api\";\nimport { FormPageLayout, PageCloseButton } from \"@app/ui/layouts\";\nimport { Button, TextFormField } from \"@editor-ui/console\";\nimport { Logo } from \"@/components/logo\";\nimport { UnderlineButton } from \"@app/ui/components\";\nimport { ApiKeyReveal } from \"@app/ui/components\";\n\nexport default function ApplicationDetailPage({ params }: {\n params: {\n id: string;\n }\n}) {\n\n const application: ApplicationWithApiKey = {\n id: params.id,\n name: \"my-portfolio-website\",\n apikey_live: \"prod_1223-xasx-xxe2\",\n apikey_test: \"test_xxasdj-xxd9-x2hx\",\n allowedOrigins: []\n }\n\n return (\n \n \n \n
\n \n
\n \n\n \n \n\n \n Archive application\n
\n \n );\n}\n\nfunction EditableTitle({ initialValue = \"\" }: { initialValue?: string }) {\n const [editing, setEditing] = React.useState(false);\n const [text, setText] = React.useState(initialValue);\n const ref = React.useRef(null);\n\n useEffect(() => {\n if (editing) {\n // select all\n ref.current?.focus();\n ref.current?.setSelectionRange(0, text.length);\n }\n }, [editing]);\n\n return (\n \n setEditing(true)}\n onBlur={() => setEditing(false)}\n ref={ref}\n readOnly={!editing}\n contentEditable\n onChange={(e) => {\n setText(e.target.value);\n }}\n onKeyDown={(e) => {\n if (e.key === \"Enter\") {\n setEditing(false);\n }\n }}\n value={text}\n />\n setEditing(true)}\n >\n \n \n \n );\n}\n\nconst TitleInputWrapper = styled.div`\n position: relative;\n display: flex;\n align-items: center;\n justify-content: space-between;\n gap: 8px;\n\n input {\n width: 100%;\n box-sizing: border-box;\n font-size: 24px;\n font-weight: bold;\n border: none;\n text-align: center;\n outline: none;\n }\n\n .edit-button {\n position: absolute;\n right: 0;\n top: 0;\n bottom: 0;\n margin: auto;\n opacity: 0;\n cursor: pointer;\n border: none;\n background: none;\n outline: none;\n transition: opacity 0.2s ease;\n }\n\n &:hover {\n .edit-button {\n opacity: 1;\n }\n }\n`;" }, { "path": "web/app/(console)/console/new/page.tsx", "content": "'use client'\n\nimport React, { useEffect } from \"react\";\nimport { Button, TextFormField } from \"@editor-ui/console\";\nimport client from \"@cors.sh/service-api\";\nimport { useRouter } from \"next/navigation\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\n\nexport default function NewApplicationPage() {\n const router = useRouter();\n const [name, setName] = React.useState(\"\");\n const [allowedOrigins, setAllowedOrigins] = React.useState(\"\");\n const [isBusy, setIsBusy] = React.useState(false);\n const [isValid, setIsValid] = React.useState(false);\n\n const validateUrls = (urls: string) => {\n const lines = urls.split(\",\").map((line) => line.trim());\n for (const line of lines) {\n try {\n new URL(line);\n } catch (e) {\n return false;\n }\n }\n return true;\n };\n\n const onCreateNewClick = () => {\n setIsBusy(true);\n client\n .createApplication({\n name: name,\n allowedOrigins: allowedOrigins\n .split(\",\")\n .map((origin) => origin.trim()),\n })\n .then((r) => {\n router.push(`/console/${r.id}`,);\n })\n .finally(() => {\n setIsBusy(false);\n });\n };\n\n useEffect(() => {\n setIsValid(name.length > 0 && validateUrls(allowedOrigins));\n }, [name, allowedOrigins]);\n\n return (\n \n

Create new application

\n
\n \n \n
\n \n Create Project\n \n
\n \n );\n}\n" }, { "path": "web/app/(console)/console/page.tsx", "content": "import React from \"react\";\nimport Link from \"next/link\";\nimport type { Metadata } from 'next'\nimport { ApplicationItem, ApplicationList } from \"@/components/console/application-list\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nimport { UnderlineButton } from \"@app/ui/components\";\n\n\nexport const metadata: Metadata = {\n title: \"Dashboard\",\n}\n\nexport default function ConsoleIndex() {\n const applications = [\n {\n id: \"1\",\n name: \"My app\",\n },\n {\n id: \"2\",\n name: \"My app 2\",\n },\n ]\n\n return (\n <>\n \n {/* */}\n
\n \n {applications.map((application) => (\n \n ))}\n \n
\n \n \n {/* */}\n Create new application\n {/* */}\n \n \n {/* */}\n Manage subscription\n {/* */}\n \n
\n \n \n );\n}\n" }, { "path": "web/app/(console)/layout.tsx", "content": "import type { Metadata } from 'next'\nimport { Inter } from 'next/font/google'\nimport { Toaster } from \"react-hot-toast\";\nimport '../globals.css'\nimport GoogleAnalytics from '@/components/ga';\nimport ChatwootWidget from \"@/components/chatwoot\";\nimport { Heading, Link, Theme } from '@radix-ui/themes';\nimport { GearIcon, GitHubLogoIcon, MagnifyingGlassIcon, OpenInNewWindowIcon } from '@radix-ui/react-icons';\nconst inter = Inter({ subsets: ['latin'] })\n\nexport const metadata: Metadata = {\n title: {\n template: '%s - Console - CORS.SH',\n default: 'Console - CORS.SH',\n },\n description: \"One CORS Proxy you'll ever need\",\n metadataBase: new URL('https://cors.sh'),\n openGraph: {\n images: [\n \"/og-image-01.jpg\",\n ]\n }\n}\n\nexport default function RootLayout({\n children,\n}: {\n children: React.ReactNode\n}) {\n return (\n \n \n {process.env.NEXT_PUBLIC_GOOGLE_ANALYTICS ? (\n \n ) : null}\n \n
\n
\n \n
\n \n
\n \n \n {children}\n \n
\n \n
\n \n \n )\n}\n\n\nfunction Sidebar() {\n return
\n \n CORS.SH\n \n
\n \n \n Dashboard\n \n \n \n Apps\n \n \n \n Events\n \n \n \n Github\n \n
\n
\n}\n\nfunction NavItem({ children, ...props }: React.PropsWithChildren>) {\n return (\n \n {children}\n \n )\n}\n\n\nfunction ContentArea({ children }: React.PropsWithChildren<{}>) {\n return
\n {children}\n
\n\n}" }, { "path": "web/app/(home)/contact/page.tsx", "content": "import Link from \"next/link\"\nimport React from \"react\"\n\nexport default function ContactPage() {\n return
\n

Contact

\n
\n \n \n \n
\n}" }, { "path": "web/app/(home)/get-started/page.tsx", "content": "'use client'\n\nimport React, { useCallback, useRef, useEffect } from \"react\";\nimport { useRouter } from \"next/navigation\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nimport { validateUrls } from \"@app/ui/utils\";\nimport {\n Button,\n FormFieldBase,\n FormFieldLabel,\n TextFormField,\n} from \"@editor-ui/console\";\nimport Select from \"react-select\";\nimport client from \"@cors.sh/service-api\";\nimport * as k from \"@/k\";\nimport { toast } from \"react-hot-toast\";\nimport { useSearchParams } from \"next/navigation\";\nimport { MiniPlanSelect } from \"@/components/pricing/mini\";\nimport Link from \"next/link\";\nimport { motion } from \"framer-motion\";\n\n// eslint-disable-next-line @next/next/no-async-client-component\nexport default function GetstartedPage() {\n const searchParams = useSearchParams()\n const _q_price = searchParams?.get(\"price\") as string\n\n const validate_price_id = (price_id: string | undefined): boolean => {\n return price_id?.startsWith(\"price_\") || false;\n };\n\n const _price = validate_price_id(_q_price)\n ? _q_price\n : k.plans.pro.id;\n\n\n const [name, setName] = React.useState(\"\");\n const [price, setPrice] = React.useState(_price);\n const [allowedOrigins, setAllowedOrigins] = React.useState(\"\");\n const [valid, setValid] = React.useState(false);\n const [isBusy, setIsBusy] = React.useState(false);\n const [isValid, setIsValid] = React.useState(false);\n const stateRef = useRef(_price);\n\n stateRef.current = price;\n\n const router = useRouter();\n\n const onPriceChange = (price: string) => {\n setPrice(price);\n };\n\n const onEnter = () => {\n // this is required because onEnter can also be invoked from input's callback\n if (valid) {\n onNextClick();\n }\n };\n\n useEffect(() => {\n setIsValid(name.length > 0 && validateUrls(allowedOrigins));\n }, [name, allowedOrigins]);\n\n const onNextClick = useCallback(async () => {\n setIsBusy(true);\n\n try {\n // log begin_checkout event\n const pricedata = (k.plans as any)[price];\n\n // @ts-ignore\n window.gtag?.(\"event\", \"begin_checkout\", {\n value: pricedata.value,\n currency: pricedata.currency,\n items: [\n {\n item_id: pricedata.id,\n item_name: pricedata.label,\n },\n ],\n });\n } catch (e) { }\n\n try {\n // create onboarding application\n const form = {\n name: name ? name : undefined,\n allowedOrigins: allowedOrigins\n .split(\",\")\n .map((x) => x.trim())\n .filter(Boolean),\n priceId: price,\n };\n\n const application = await client.onboardingWithForm(form);\n\n const onboarding_id = application.id;\n\n // switch (stateRef.current) {\n // case k.PRICE_FREE_MONTHLY: {\n // // the free plan does not require payments, so we can skip to create new project right away.\n // redirect =\n // window.location.protocol + window.location.host + \"/console/new\";\n // break;\n // }\n // }\n\n // redirect user to payment page\n let params = new URLSearchParams();\n params.append(\"onboarding_id\", onboarding_id);\n // TODO: multiple search params not supported by accounts.grida.co?redirect_uri=x\n\n const redirect = k.SERVER_URL + \"/payments/checkout/new\" + \"?\" + params;\n\n router.replace(redirect);\n } catch (e) {\n toast.error(\"Oops. something went wrong. please try again.\");\n setIsBusy(false);\n }\n }, [price, name, allowedOrigins, router]);\n\n return (\n \n \n

Get started

\n

\n Ready to use cors.sh? select your plan and letโ€™s create your first\n project.
\n

\n

*you can update the fields later

\n
\n
\n \n \n {/* pricing plan select */}\n\n \n \n
\n Plan\n View Pricing\n
\n
\n {\n onPriceChange(id);\n }}\n value={price}\n options={[\n {\n id: k.plans.pro.id,\n label: $3 / Mo
Annual Billing,\n content: <>Save 25% with annual billing\n },\n {\n id: k.plans.pro2.id,\n label: $4 / Mo
Monthly Billing,\n content: <>-\n }\n ]} />\n
\n \n \n
\n \n Continue\n \n
\n \n );\n}" }, { "path": "web/app/(home)/layout.tsx", "content": "import type { Metadata } from 'next'\nimport { Inter } from 'next/font/google'\nimport { Header } from '@/components/header'\nimport { Toaster } from \"react-hot-toast\";\nimport GoogleAnalytics from '@/components/ga';\nimport ChatwootWidget from \"@/components/chatwoot\";\nimport '../globals.css'\n\nconst inter = Inter({ subsets: ['latin'] })\n\nexport const metadata: Metadata = {\n title: 'CORS.SH - A Fast & Reliable CORS Proxy for your websites',\n description: \"One CORS Proxy you'll ever need\",\n metadataBase: new URL('https://cors.sh'),\n openGraph: {\n images: [\n \"/og-image-01.jpg\",\n ]\n }\n}\n\nexport default function RootLayout({\n children,\n}: {\n children: React.ReactNode\n}) {\n return (\n \n \n {process.env.NEXT_PUBLIC_GOOGLE_ANALYTICS ? (\n \n ) : null}\n \n
\n
\n \n
\n
\n {children}\n
\n \n \n )\n}\n" }, { "path": "web/app/(home)/onboarding/[id]/page.tsx", "content": "// TODO: rename this route to /onboarding/continue?id=\n\nimport Head from \"next/head\";\nimport { redirect } from \"next/navigation\";\nimport React from \"react\";\n\nexport default function ContinueOnboardingWithVerification() {\n redirect(\"/get-started\");\n\n return (\n <>\n \n Redirecting..\n \n

Redirecting..

\n \n );\n}\n" }, { "path": "web/app/(home)/onboarding/page.tsx", "content": "'use client'\nimport React, { useEffect } from \"react\";\nimport {\n Button,\n FormFieldBase,\n FormFieldLabel,\n TextFormField,\n} from \"@editor-ui/console\";\nimport Select from \"react-select\";\nimport client from \"@cors.sh/service-api\";\nimport { redirect, useRouter } from \"next/navigation\";\nimport { Cross2Icon } from \"@radix-ui/react-icons\";\nimport Head from \"next/head\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nimport { validateUrls } from \"@app/ui/utils\";\nimport { motion } from \"framer-motion\";\n\nexport default function NewApplicationPage() {\n redirect(\"/\")\n const router = useRouter();\n const [step, setStep] = React.useState<\"signin\" | \"setup\">(\"signin\");\n\n function Body() {\n switch (step) {\n case \"signin\":\n return (\n {\n setStep(\"setup\");\n }}\n />\n );\n case \"setup\":\n return ;\n }\n }\n\n return (\n <>\n \n CORS.SH - First App\n \n \n {\n router.replace(\"/\");\n }}\n >\n \n \n \n \n \n );\n}\n\nfunction SigninForm({ onComplete }: { onComplete: () => void }) {\n const [tmpkey, setTmpkey] = React.useState(\"\");\n const [valid, setValid] = React.useState(false);\n\n const onTypeKey = (key: string) => {\n // todo: validate key via api\n setValid(key.length > 10);\n };\n\n const onEnter = () => {\n // this is required because onEnter can also be invoked from input's callback\n if (valid) {\n onComplete();\n }\n };\n\n return (\n <>\n

Enter your API key from your inbox to get started

\n
\n \n
\n
\n \n \n );\n}\n\nfunction SetupForm() {\n const router = useRouter();\n const [name, setName] = React.useState(\"\");\n const [allowedOrigins, setAllowedOrigins] = React.useState(\"\");\n const [isBusy, setIsBusy] = React.useState(false);\n const [isValid, setIsValid] = React.useState(false);\n const [isPricingVisible, setIsPricingVisible] = React.useState(false);\n\n const onEnter = () => {\n if (!isValid) {\n return;\n }\n setIsBusy(true);\n client\n .createApplication({\n name: name,\n allowedOrigins: allowedOrigins\n .split(\",\")\n .map((origin) => origin.trim()),\n })\n .then((r) => {\n router.push(`/console/${r.id}`,);\n })\n .finally(() => {\n setIsBusy(false);\n });\n };\n\n useEffect(() => {\n setIsValid(name.length > 0 && validateUrls(allowedOrigins));\n }, [name, allowedOrigins]);\n\n useEffect(() => {\n if (isValid) {\n setTimeout(() => {\n setIsPricingVisible(true);\n }, 1800);\n }\n }, [isValid]);\n\n return (\n <>\n

Now, Let's configure your first application

\n
\n \n \n {/* pricing plan select */}\n \n \n Plan\n
\n {\n if (e.key === \"Enter\") {\n onEnter();\n }\n }}\n options={[\n { value: \"pro-monthly\", label: \"Pro - $4/Mo\" },\n {\n value: \"pro-yearly\",\n label: \"Pro - $3/Mo (Pay annualy, save $12)\",\n },\n ]}\n defaultValue={{ value: \"pro\", label: \"Pro - $4/Mo\" }}\n />\n
\n \n \n
\n \n
\n \n );\n}\n" }, { "path": "web/app/(home)/page.tsx", "content": "import React from 'react'\nimport { HomeCardExample } from '@/components/home-hover-card'\nimport { SendMeAnApiKeyForm } from '@/components/landing/send-me-an-api-key-form'\nimport { HomeBackground } from '@/components/home-background'\n\nexport default function Home() {\n return (\n
\n \n
\n
\n
\n

\n \n CORS.SH -
\n CORS PROXY\n \n

\n

\n Sick of cors errors? CORS.SH, A fast & reliable cors proxy for your websites here for the rescue.\n

\n
\n \n
\n
\n \n
\n
\n
\n )\n}\n\n" }, { "path": "web/app/(home)/pricing/page.tsx", "content": "\"use client\";\nimport React from \"react\";\nimport styled from \"@emotion/styled\";\nimport { FaqItem } from \"@/components/faq\";\nimport { PricingCard } from \"@/components/pricing\";\nimport { motion } from \"framer-motion\";\nimport { useRouter } from \"next/navigation\";\nimport { FreeForOpensourceCard } from \"@/components/free-for-opensource\";\nimport { plans } from \"@/k\";\nimport faqs from \"@/k/faq.json\";\nimport Link from \"next/link\";\n\n\nconst price_size = {\n normal: { width: 280, height: 380 } as const,\n highlighted: { width: 300, height: 420 } as const,\n} as const;\n\nexport default function Pricing() {\n const router = useRouter();\n\n\n return (\n <>\n
\n \n Get started with $3/Mo\n \n \n \n {\n plans.pro.features.map((t, i) => (\n
  • {t}
    • \n ))\n }\n \n }\n action={\n \n \n \n }\n />\n \n {\n plans.pro2.features.map((t, i) => (\n
  • {t}
    • \n ))\n }\n \n }\n action={\n \n \n \n }\n />\n \n {\n plans.enterprise.features.map((t, i) => (\n
  • {t}
    • \n ))\n }\n \n }\n action={\n \n \n \n }\n />\n \n \n \n \n \n \n \n \n FAQ\n \n \n {faqs.map((_: any, i: number) => (\n \n ))}\n \n \n
    \n \n );\n}\n\nconst Main = styled.main`\n display: flex;\n flex-direction: column;\n align-items: center;\n min-height: 100vh;\n\n font-family: \"Inter\", sans-serif;\n\n margin-top: 80px;\n margin-bottom: 80px;\n\n h1 {\n margin-top: 80px;\n font-size: 48px;\n font-weight: 700;\n text-align: center;\n }\n\n h2 {\n margin-top: 32px;\n text-align: center;\n }\n\n .pricing-table {\n display: flex;\n flex-direction: row;\n justify-content: center;\n align-items: center;\n gap: 16px;\n margin-top: 32px;\n }\n\n hr {\n width: 100%;\n border: 1px solid rgba(255, 255, 255, 0.1);\n margin-top: 32px;\n margin-bottom: 32px;\n }\n\n section.section {\n padding: 32px;\n }\n\n section.faq {\n display: flex;\n flex-direction: column;\n align-items: stretch;\n gap: 32px;\n width: 670px;\n\n .list {\n display: flex;\n flex-direction: column;\n align-items: stretch;\n gap: 16px;\n }\n }\n`;\n" }, { "path": "web/app/(home)/too-many-requests/page.tsx", "content": "'use client';\n\nimport React from \"react\";\nimport * as k from \"@/k\";\nimport Link from \"next/link\";\n\nexport default function TooMayRequestsPage() {\n return (\n
    \n
    \n Too many requests.\n

    \n Weโ€™re sorry to tell you that youโ€™ve reached your hourly request limit for free-tier.\n Upgrade your plan to remove this limit.\n

    \n
    \n
    \n \n \n \n
    \n );\n}\n" }, { "path": "web/app/globals.css", "content": "@tailwind base;\n@tailwind components;\n@tailwind utilities;\n\n/* :root {\n --foreground-rgb: 0, 0, 0;\n --background-start-rgb: 214, 219, 220;\n --background-end-rgb: 255, 255, 255;\n} */\n\n/* @media (prefers-color-scheme: dark) { */\n/* } */\n\n:root {\n --foreground-rgb: 255, 255, 255;\n --background-start-rgb: 0, 0, 0;\n --background-end-rgb: 0, 0, 0;\n}\n\nbody {\n color: rgb(var(--foreground-rgb));\n background: linear-gradient(\n to bottom,\n transparent,\n rgb(var(--background-end-rgb))\n )\n rgb(var(--background-start-rgb));\n}\n" }, { "path": "web/components/chatwoot/index.jsx", "content": "\"use client\";\nimport React from \"react\";\n\nclass ChatwootWidget extends React.Component {\n componentDidMount() {\n // Add Chatwoot Settings\n window.chatwootSettings = {\n hideMessageBubble: false,\n position: \"right\", // This can be left or right\n locale: \"en\", // Language to be set\n type: \"standard\", // [standard, expanded_bubble]\n };\n\n // Paste the script from inbox settings except the \n \n \n);\n\nexport default GoogleAnalytics;" }, { "path": "web/components/header.tsx", "content": "import React from \"react\"\nimport { GitHubLogoIcon } from \"@radix-ui/react-icons\"\nimport Link from \"next/link\"\nimport { SlashIcon } from \"@radix-ui/react-icons\"\n\n\nexport function Header() {\n return
    \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
    \n {/* \n Example\n */}\n \n Playground\n \n \n Pricing\n \n
    \n
    \n
    \n
    \n {/* \n Console\n */}\n \n \n \n\n
    \n \n \n \n
    \n
    \n
    \n}" }, { "path": "web/components/home-background.tsx", "content": "'use client'\n\nimport React from \"react\"\nimport Image from 'next/image'\nimport { motion } from 'framer-motion';\n\nexport function HomeBackground() {\n return (\n \n \n background graphic\n
    \n \n \n )\n}\n\nfunction VignettingOverlay({ w }: { w: number }) {\n return (\n
    \n {/* Top edge */}\n \n\n {/* Bottom edge */}\n \n\n {/* Left edge */}\n \n\n {/* Right edge */}\n \n
    \n )\n}" }, { "path": "web/components/home-hover-card.tsx", "content": "'use client'\nimport { Prism as SyntaxHighlighter } from 'react-syntax-highlighter';\nimport { atomDark as scheme } from 'react-syntax-highlighter/dist/esm/styles/prism';\n\n\nimport React from 'react';\nimport { useMove } from '@use-gesture/react'\nimport styled from \"@emotion/styled\"\nimport Image from 'next/image';\nimport { examples } from \"@/k\"\nimport Link from 'next/link';\nimport LineMotion from '@/motions/electron';\nimport { motion } from 'framer-motion';\n\nexport function HomeCardExample() {\n return \n
    \n
    \n \n
    \n \n \n \n
    \n\n
    \n {/* @ts-ignore */}\n \n {examples.fetch('https://example.com')}\n \n
    \n \n \n \n \n}\n\nconst HomeCardWrapper = styled(motion.div)`\n box-shadow: 0px 4px 128px 4px rgba(94, 154, 223, 0.16);\n`\n\n\nexport function HomeHoverCardV2() {\n const [{ x, y }, set] = React.useState({ x: 0, y: 0 });\n\n const bind = useMove(({ movement: [mx, my], memo }) => {\n const el = document.getElementById('card');\n const rect = el!.getBoundingClientRect();\n const halfWidth = rect.width / 2;\n const halfHeight = rect.height / 2;\n\n const rotateX = -1 * (my - halfHeight) / halfHeight * 10; // 10 is rotation strength\n const rotateY = (mx - halfWidth) / halfWidth * 10; // 10 is rotation strength\n\n set({ x: rotateY, y: rotateX });\n\n return { x: mx, y: my };\n });\n\n const style = {\n transform: `perspective(600px) rotateX(${y}deg) rotateY(${x}deg)`\n };\n\n return (\n
    \n {/* @ts-ignore */}\n \n \n \n
    \n );\n}\n\n\nconst Card = styled.div`\n width: 300px;\n height: 300px;\n display: flex;\n align-items: center;\n justify-content: center;\n background-color: #e1e1e1;\n box-shadow: 0 10px 20px rgba(0, 0, 0, 0.1);\n border-radius: 15px;\n transition: transform 0.1s;\n will-change: transform;\n\n`" }, { "path": "web/components/landing/send-me-an-api-key-form.tsx", "content": "'use client'\n\nimport React, { useState } from \"react\";\nimport client from \"@cors.sh/service-api\";\nimport { toast } from \"react-hot-toast\";\nimport { validateEmail } from \"@/utils/email-validation\";\n\nexport function SendMeAnApiKeyForm() {\n const [isBusy, setIsBusy] = useState(false);\n const [email, setEmail] = useState(\"\");\n\n const onsend = async () => {\n // validate email\n if (!validateEmail(email)) {\n toast.error(

    Invalid Email

    );\n return;\n }\n\n // send email\n setIsBusy(true);\n\n client\n .onboardingWithEmail({ email: email })\n .then((data) => {\n toast.success(\n

    \n API Key sent to your email.\n
    \n Please check your spam folder as well\n

    \n );\n\n // log conversion (signup)\n // @ts-ignore\n window.gtag?.(\"event\", \"sign_up\", {\n method: \"email\",\n });\n })\n .catch((e) => {\n toast.error(

    Something went wrong

    );\n })\n .finally(() => {\n setIsBusy(false);\n });\n };\n\n // \n return (\n
    {\n e.preventDefault();\n onsend();\n }}>\n {\n setEmail(e.target.value);\n }}\n />\n Send me an API Key\n \n )\n}" }, { "path": "web/components/logo/index.tsx", "content": "import React from \"react\";\n\nexport function Logo({\n color = \"black\",\n width = 104,\n}: {\n width?: React.CSSProperties[\"width\"];\n color?: React.CSSProperties[\"color\"];\n}) {\n return (\n \n \n \n );\n}\n" }, { "path": "web/components/pricing/index.tsx", "content": "import React from \"react\";\nimport styled from \"@emotion/styled\";\nimport { motion } from \"framer-motion\";\n\nexport function PricingCard({\n plan,\n price,\n desc,\n features,\n action,\n style = {},\n}: {\n plan: string;\n price: {\n value: number | string;\n currency?: string;\n unit?: string;\n };\n desc?: string;\n features: React.ReactNode;\n action?: React.ReactNode;\n style?: React.CSSProperties;\n}) {\n return (\n \n {plan}\n
    \n \n \n {typeof price.value === \"string\"\n ? price.value\n : `${price.currency}${price.value}`}\n \n {price.unit}\n \n {desc && (\n \n {desc}\n \n )}\n
    \n
    \n {features}\n
    \n
    \n
    \n {action}\n
    \n \n \n );\n}\n\nconst PricingCardWrapper = styled(motion.div)`\n --card-border-rgb: 200, 200, 200;\n\n display: flex;\n flex-direction: column;\n padding: 20px;\n border: solid 2px rgba(var(--card-border-rgb), 0.1);\n border-radius: 8px;\n position: relative;\n\n font-family: Inter, sans-serif;\n text-align: left;\n\n &:hover {\n border: solid 2px rgba(var(--card-border-rgb), 0.2);\n box-shadow: 0px 0px 24px 2px rgba(var(--card-box-shadow-rgb), 0.1);\n }\n\n section {\n margin-top: 32px;\n }\n\n .plan {\n font-size: 14px;\n font-weight: 500;\n }\n\n .price {\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: center;\n flex: none;\n gap: 2px;\n box-sizing: border-box;\n\n .a {\n font-size: 32px;\n font-weight: 800;\n }\n\n .b {\n font-size: 13px;\n font-weight: 500;\n opacity: 0.5;\n }\n }\n\n .unit {\n display: flex;\n justify-content: flex-start;\n flex-direction: row;\n align-items: center;\n flex: none;\n gap: 4px;\n box-sizing: border-box;\n opacity: 0.8;\n\n .b {\n font-size: 13px;\n font-weight: 500;\n opacity: 0.5;\n }\n }\n\n .desc {\n font-weight: 500;\n opacity: 0.8;\n }\n\n button {\n box-shadow: 0px 4px 24px 2px rgba(var(--card-box-shadow-rgb), 0.2);\n background: white;\n border: solid 1px rgba(120, 120, 120, 0.8);\n border-radius: 4px;\n padding: 8px 10px;\n font-size: 12px;\n font-weight: 600;\n outline: none;\n cursor: pointer;\n color: black;\n\n :hover {\n opacity: 0.8;\n }\n\n :disabled {\n opacity: 0.5;\n }\n\n :active {\n opacity: 1;\n }\n\n :focus {\n }\n }\n\n .dot {\n width: 8px;\n height: 8px;\n background-color: rgb(var(--foreground-rgb));\n border-radius: 50%;\n position: absolute;\n top: 20px;\n right: 20px;\n }\n`;\n" }, { "path": "web/components/pricing/mini.tsx", "content": "\nexport function MiniPlanSelect({\n onChange,\n value,\n options,\n}: {\n onChange: (id: string) => void;\n value?: string;\n options: Array<{ id: string, label: React.ReactElement | string, content: React.ReactElement | string }>;\n}) {\n return
    \n {options.map(({ id, label, content }, i) => {\n const selected = id === value;\n return (\n {\n onChange(id);\n }} />\n )\n })}\n
    \n}\n\n\nexport function MiniPriceCard({\n label,\n content,\n selected,\n onClick\n}: {\n label: React.ReactElement | string;\n content: React.ReactElement | string;\n selected: boolean;\n onClick: () => void;\n}) {\n return \n}" }, { "path": "web/k/examples.ts", "content": "/**\n * usage code snippet\n */\nexport const examples = {\n simplest: (\n t: string,\n key: string = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n ) => `fetch('https://proxy.cors.sh/${t}', {\n headers: {\n 'x-cors-api-key': '${key}',\n }\n}).then(console.log);`,\n fetch: (\n t: string,\n key: string = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n ) => `fetch('https://proxy.cors.sh/${t}', {\n headers: {\n 'x-cors-api-key': '${key}',\n }\n});\n\n// or...\nfuncton fetchWithProxy(url, params){\n return fetch(\\`https://proxy.cors.sh/\\${url}\\`, \n { \n ...params,\n headers: \n { \n ...params.headers,\n 'x-cors-api-key': '${key}'\n }\n });\n}\n\nfetchWithProxy('${t}')\n `,\n axios: (\n t: string,\n key: string = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n ) => `import Axios from \"axios\";\n\nAxios.get('https://proxy.cors.sh/${t}', {\n headers: {\n 'x-cors-api-key': '${key}',\n }\n})\n\n// or...\nconst client = Axios.create({\n baseURL: 'https://proxy.cors.sh/' + '${t}',\n headers: {\n 'x-cors-api-key': '${key}',\n }\n})\n\nclient.get('/')\n`,\n} as const;\n" }, { "path": "web/k/external-links.ts", "content": "export const LINK_APPLY_FOR_OSS_PLAN =\n \"https://github.com/gridaco/cors.sh/issues/new?template=apply-for-oss-program.yml\";\n" }, { "path": "web/k/faq.json", "content": "[\n {\n \"q\": \"Can I use CORS.SH Proxy for multiple websites?\",\n \"a\": \"Yes, with single subscription, you are able to use CORS.SH Proxy for multiple websites unlimitedly, unless it exceeds the quota.\"\n },\n {\n \"q\": \"How can I Apply to OSS Progam?\",\n \"a\": \"Any Open-source projects with 5 stars is capable to apply to OSS Program.\"\n }\n]\n" }, { "path": "web/k/host.ts", "content": "export const HOST =\n process.env.NODE_ENV === \"production\"\n ? \"https://cors.sh\"\n : \"http://localhost:8823\";\n\nexport const SERVER_URL =\n process.env.NODE_ENV === \"production\"\n ? // TODO: this url is not live.\n \"https://services.cors.sh\"\n : \"http://localhost:4021\";\n" }, { "path": "web/k/index.ts", "content": "export * from \"./plans\";\nexport * from \"./external-links\";\nexport * from \"./host\";\nexport * from \"./examples\";\n" }, { "path": "web/k/plans.json", "content": "{\n \"pro\": {\n \"id\": \"price_1LbnTwAvR3geCh5rZm9v8CAy\",\n \"name\": \"Pro - Monthly\",\n \"price\": {\n \"value\": 4,\n \"currency\": \"usd\",\n \"symbol\": \"$\",\n \"interval\": \"month\"\n },\n \"features\": [\n \"Up to 500,000 requests per month\",\n \"500GB Bandwidth\",\n \"Unlimited Projects\",\n \"No hourly request limit\",\n \"Up to 6mb per request\"\n ]\n },\n \"pro2\": {\n \"id\": \"price_1LbnV4AvR3geCh5rMEwJ5Zf1\",\n \"name\": \"Pro - Annually\",\n \"desc\": \"Annual billing only\",\n \"price\": {\n \"value\": 3,\n \"currency\": \"usd\",\n \"symbol\": \"$\",\n \"interval\": \"month\"\n },\n \"features\": [\n \"Up to 500,000 requests per month\",\n \"500GB Bandwidth\",\n \"Unlimited Projects\",\n \"No hourly request limit\",\n \"Up to 6mb per request\"\n ]\n },\n \"enterprise\": {\n \"id\": \"price_1MNTlpAvR3geCh5r3gqzq2s7\",\n \"name\": \"Enterprise\",\n \"price\": {\n \"value\": 499,\n \"currency\": \"usd\",\n \"symbol\": \"$\",\n \"interval\": \"year\"\n },\n \"features\": [\n \"Up to 10,000,000 requests per month\",\n \"1TB Bandwidth\",\n \"Unlimited Projects\",\n \"No hourly request limit\",\n \"Max 6mb per request\"\n ]\n }\n}\n" }, { "path": "web/k/plans.test.json", "content": "{\n \"pro\": {\n \"id\": \"price_1Lda7UAvR3geCh5rVaajCSw6\",\n \"name\": \"Pro - Monthly\",\n \"price\": {\n \"value\": 4,\n \"currency\": \"usd\",\n \"symbol\": \"$\",\n \"interval\": \"month\"\n },\n \"features\": [\n \"Up to 500,000 requests per month\",\n \"500GB Bandwidth\",\n \"Unlimited Projects\",\n \"No hourly request limit\",\n \"Up to 6mb per request\"\n ]\n },\n \"pro2\": {\n \"id\": \"price_1MMpznAvR3geCh5ro9O4Gdlt\",\n \"desc\": \"Annual billing only\",\n \"name\": \"Pro - Annually\",\n \"price\": {\n \"value\": 3,\n \"currency\": \"usd\",\n \"symbol\": \"$\",\n \"interval\": \"month\"\n },\n \"features\": [\n \"Up to 500,000 requests per month\",\n \"500GB Bandwidth\",\n \"Unlimited Projects\",\n \"No hourly request limit\",\n \"Up to 6mb per request\"\n ]\n },\n \"enterprise\": {\n \"id\": \"price_1MNTfvAvR3geCh5rV0KueWOk\",\n \"name\": \"Enterprise\",\n \"price\": {\n \"value\": 499,\n \"currency\": \"usd\",\n \"symbol\": \"$\",\n \"interval\": \"year\"\n },\n \"features\": [\n \"Up to 10,000,000 requests per month\",\n \"1TB Bandwidth\",\n \"Unlimited Projects\",\n \"No hourly request limit\",\n \"Max 6mb per request\"\n ]\n }\n}\n" }, { "path": "web/k/plans.ts", "content": "import plans_live from \"@/k/plans.json\";\nimport plans_test from \"@/k/plans.test.json\";\n\nexport const plans =\n process.env.NODE_ENV === \"production\" ? plans_live : plans_test;\n\nconst price_pro_monthly = {\n ...plans.pro2,\n desc2: \"Pro - Monthly\",\n} as const;\n\nconst price_pro_yearly = {\n ...plans.pro2,\n desc2: \"Pro - Save 25% with Annual billing\",\n} as const;\n\n// const enterprise_yearly: Price = {\n// id: plans.enterprise.id,\n// name: \"Enterprise\",\n// price: \"$499\",\n// unit: \"Year\",\n// features: [\n// \"Up to 10,000,000 requests per month\",\n// \"1TB Bandwidth\",\n// \"Unlimited Projects\",\n// \"No hourly request limit\",\n// \"Max 6mb per request\",\n// ],\n// };\n" }, { "path": "web/layouts/payment-required-page.tsx", "content": "import React from \"react\";\nexport function PaymentRequiredPage() {\n return <>;\n}\n" }, { "path": "web/motions/electron/index.tsx", "content": "import React from \"react\";\nimport { motion } from \"framer-motion\";\n\nconst LineAnimation = () => {\n // Define the motion variant for the moving light effect\n const motionVariant = {\n animate: {\n backgroundPosition: [\"0% 50%\", \"100% 50%\", \"0% 50%\"],\n transition: {\n duration: 1.2,\n ease: \"linear\",\n repeat: Infinity,\n },\n }\n };\n\n return (\n \n );\n};\n\nexport default LineAnimation;\n" }, { "path": "web/next.config.js", "content": "/** @type {import('next').NextConfig} */\nconst nextConfig = {\n transpilePackages: [\"@cors.sh/service-api\", \"@app/ui\", \"@editor-ui/console\"],\n rewrites() {\n return [\n {\n source: \"/playground\",\n destination: \"https://playground.cors.sh\",\n },\n {\n source: \"/playground/:path*\",\n destination: \"https://playground.cors.sh/:path*\",\n },\n {\n source: \"/docs\",\n destination: \"https://docs.cors.sh/intro\",\n },\n {\n source: \"/docs/:path*\",\n destination: \"https://docs.cors.sh/:path*\",\n },\n ];\n },\n redirects() {\n return [\n {\n source: \"/http\\\\://:path*\",\n destination: \"https://proxy.cors.sh/http\\\\://:path*\",\n basePath: false,\n permanent: true,\n },\n {\n source: \"/https\\\\://:path*\",\n destination: \"https://proxy.cors.sh/https\\\\://:path*\",\n basePath: false,\n permanent: true,\n },\n {\n // if pyament is canceled, go back to get started page.\n source: \"/payments/canceled\",\n destination: \"/get-started\",\n permanent: true,\n },\n // {\n // source: \"/console\",\n // destination: \"https://console.grida.co/cors-proxy\",\n // permanent: true,\n // },\n {\n source: \"/docs\",\n destination: \"/docs/intro\",\n permanent: true,\n },\n ];\n },\n};\n\nmodule.exports = nextConfig;\n" }, { "path": "web/package.json", "content": "{\n \"name\": \"homepage\",\n \"version\": \"0.1.0\",\n \"private\": true,\n \"scripts\": {\n \"dev\": \"next dev -p 8823\",\n \"build\": \"next build\",\n \"start\": \"next start -p 8823\",\n \"lint\": \"next lint\"\n },\n \"dependencies\": {\n \"@emotion/react\": \"^11.11.1\",\n \"@emotion/styled\": \"^11.11.0\",\n \"@radix-ui/react-collapsible\": \"^1.0.3\",\n \"@radix-ui/react-icons\": \"^1.3.0\",\n \"@radix-ui/themes\": \"^2.0.1\",\n \"@use-gesture/react\": \"^10.3.0\",\n \"add\": \"^2.0.6\",\n \"copy-to-clipboard\": \"^3.3.3\",\n \"framer-motion\": \"^10.16.4\",\n \"next\": \"14.0.1\",\n \"prismjs\": \"^1.29.0\",\n \"react\": \"^18\",\n \"react-dom\": \"^18\",\n \"react-hot-toast\": \"^2.4.1\",\n \"react-select\": \"^5.7.7\",\n \"react-syntax-highlighter\": \"^15.5.0\"\n },\n \"devDependencies\": {\n \"@types/node\": \"^20\",\n \"@types/react\": \"^18\",\n \"@types/react-dom\": \"^18\",\n \"@types/react-syntax-highlighter\": \"^15.5.9\",\n \"autoprefixer\": \"^10.0.1\",\n \"eslint\": \"^8\",\n \"eslint-config-next\": \"14.0.1\",\n \"postcss\": \"^8\",\n \"tailwindcss\": \"^3.3.0\",\n \"typescript\": \"^5\"\n }\n}\n" }, { "path": "web/pages/onboarding/complete.tsx", "content": "import React, { useEffect } from \"react\";\nimport styled from \"@emotion/styled\";\nimport { Client, ApplicationWithApiKey } from \"@cors.sh/service-api\";\nimport Head from \"next/head\";\nimport { FormPageLayout } from \"@app/ui/layouts\";\nimport { CollapsibleInfoCard } from \"@/components/collapsible-info-card\";\nimport { UnderlineButton } from \"@app/ui/components\";\nimport { Prism as SyntaxHighlighter } from \"react-syntax-highlighter\";\nimport { examples } from \"@/k\";\nimport { ApiKeyReveal } from \"@app/ui/components\";\nimport Link from \"next/link\";\n\nexport default function InitialOnboardingFinalPage({\n application,\n}: {\n application: ApplicationWithApiKey;\n}) {\n const demo_target_url =\n application.allowedOrigins[0] ?? \"https://example.com\";\n\n return (\n <>\n \n CORS.SH - Complete\n \n \n <>\n

    \n Extend your api call with proxy.cors.sh\n

    \n

    \n \n We've sent you an email with the api key.\n
    \n Please check your inbox :)\n \n
    \n
    \n Letโ€™s get rid of the cors errors with proxy.cors.sh like below.\n

    \n
    \n
    \n {/* */}\n\n \n \n \n \n \n \n \n
    Useful resources
    \n \n     \n
    \n
    \n
    \n \n Thank you for using cors.sh ๐Ÿ™\n\n {/* Move to dashboard */}\n \n \n I need help\n \n \n
    \n \n     \n \n );\n}\n\nfunction CodeExamples({ target, apikey }: { target: string; apikey: string }) {\n return (\n {examples.simplest(target, apikey)}\n );\n}\n\nfunction MoreCodeExamples({\n target,\n apikey,\n}: {\n target: string;\n apikey: string;\n}) {\n return {examples.axios(target, apikey)};\n}\n\nconst CodeBlock = styled(SyntaxHighlighter as any)`\n max-height: 240px;\n font-size: 12px !important;\n`;\n\n// \n// 
    \n//     GET https://proxy.corsh.sh/https://instragram.com/posts/123\n//     
    \n//     -h x-cors-api-key {apikey}\n//
    \n//     \n// const CodeBlock = styled.code`\n// background: black;\n// color: white;\n// border-radius: 4px;\n// padding: 20px;\n// display: block;\n// font-size: 12px;\n// line-height: 1.5;\n// font-family: monospace;\n// overflow: scroll;\n\n// pre {\n// margin: 0;\n// }\n// `;\n\nfunction VideoDemo() {\n return (\n
    \n \n \n \n
    \n );\n}\n\nexport async function getServerSideProps(context: any) {\n const { app, checkout_session_id } = context.query;\n\n if (!app) {\n return {\n redirect: {\n destination: \"/\",\n permanent: false,\n },\n };\n }\n\n try {\n const client = new Client({\n \"x-cors-service-checkout-session-id\": checkout_session_id,\n });\n\n const application = await client.getApplication(app);\n\n return {\n props: {\n application,\n },\n };\n } catch (e) {\n console.error(e);\n // 404\n return {\n notFound: true,\n };\n }\n}\n" }, { "path": "web/pages/onboarding/payment-success-with-issue.tsx", "content": "import React from \"react\";\nimport type { Metadata } from 'next'\nimport client from \"@cors.sh/service-api\";\nimport { Button } from \"@editor-ui/console\";\nimport Link from \"next/link\";\n\nexport const metadata: Metadata = {\n title: \"CORS.SH - Problem with your subscription\"\n}\n\nexport default function PaymentSuccessButThereWasAProblem({\n error,\n message,\n session,\n application,\n}: {\n error: \"identity_conflict\" | string;\n message: string;\n session: string;\n application: {\n id: string;\n name: string;\n };\n}) {\n return (\n
    \n \n

    There was a problem with your subscription - "{error}"

    \n\n
    \n

    {message}

    \n\n
    Your Information
    \n

    Copy the data below when you contact customer support

    \n
    \n \n 
    session: {session}
    \n 
    \n            application: {application.id} ({application.name})\n
    \n     \n\n
    \n \n \n \n
    \n
    \n );\n}\n\nexport async function getServerSideProps(context: any) {\n const { error, message, session_id, application_id, onboarding_id } =\n context.query;\n if (!session_id || !application_id || !onboarding_id) {\n // invalid entry\n return {\n redirect: {\n destination: \"/\",\n permanent: false,\n },\n };\n }\n\n try {\n const application = await client.getOnboardingApplication(onboarding_id);\n return {\n props: {\n error,\n message,\n session: session_id || null,\n application,\n },\n };\n } catch (e) {\n // 404\n return {\n notFound: true,\n };\n }\n}\n" }, { "path": "web/pages/onboarding/payment-success.tsx", "content": "import React, { useEffect } from \"react\";\nimport client from \"@cors.sh/service-api\";\nimport { useRouter } from \"next/router\";\nimport { Button, TextFormField } from \"@editor-ui/console\";\nimport { FormPageLayout, PageCloseButton } from \"@app/ui/layouts\";\nimport { toast } from \"react-hot-toast\";\nimport type { Metadata } from 'next'\n\nexport const metadata: Metadata = {\n title: \"CORS.SH - Complete\"\n}\n\n// page redirected from stripe once the payment is successful\nexport default function PaymentSuccessPage({\n application,\n session,\n isOnboarding,\n}: {\n session: string;\n isOnboarding: boolean;\n application: {\n id: string;\n name: string;\n allowedOrigins: string[];\n };\n}) {\n const [isBusy, setBusy] = React.useState(false);\n const router = useRouter();\n\n useEffect(() => {\n // GA4 conversion - Purchase\n // @ts-ignore\n window.gtag?.(\"event\", \"purchase\", {\n transaction_id: session,\n value: 4,\n currency: \"USD\",\n //\n });\n }, []);\n\n const onNext = () => {\n setBusy(true);\n // convert to application.\n client\n .convertApplication(application.id, session)\n .then((d) => {\n // move to complete\n router.push({\n pathname: \"/onboarding/complete\",\n query: {\n app: d.id,\n checkout_session_id: session,\n },\n });\n })\n .catch((e) => {\n toast.error(\"Something went wrong. Please try again later.\");\n })\n .finally(() => {\n setBusy(false);\n });\n };\n\n return (\n <>\n\n \n <>\n

    Thank you for your subscription

    \n

    \n You can now create as many project you want without unlimited hourly\n rate :)\n
    \n
    \n Letโ€™s finish up your first project.\n

    \n
    \n \n \n
    \n \n
    \n \n \n \n );\n}\n\nexport async function getServerSideProps(context: any) {\n const { session_id, application_id, customer_id, onboarding_id } =\n context.query;\n if (!session_id || !onboarding_id) {\n // invalid entry\n return {\n redirect: {\n destination: \"/\",\n permanent: false,\n },\n };\n }\n\n try {\n const application = await client.getOnboardingApplication(onboarding_id);\n return {\n props: {\n session: session_id || null,\n application,\n customer_id,\n },\n };\n } catch (e) {\n // 404\n return {\n notFound: true,\n };\n }\n}\n" }, { "path": "web/postcss.config.js", "content": "module.exports = {\n plugins: {\n tailwindcss: {},\n autoprefixer: {},\n },\n}\n" }, { "path": "web/public/robots.txt", "content": "# Block all crawlers for /console\nUser-agent: *\nDisallow: /console\n\n# Allow all crawlers\nUser-agent: *\nAllow: /" }, { "path": "web/tailwind.config.ts", "content": "import type { Config } from 'tailwindcss'\n\nconst config: Config = {\n content: [\n './pages/**/*.{js,ts,jsx,tsx,mdx}',\n './components/**/*.{js,ts,jsx,tsx,mdx}',\n './app/**/*.{js,ts,jsx,tsx,mdx}',\n ],\n theme: {\n extend: {\n backgroundImage: {\n 'gradient-radial': 'radial-gradient(var(--tw-gradient-stops))',\n 'gradient-conic':\n 'conic-gradient(from 180deg at 50% 50%, var(--tw-gradient-stops))',\n },\n },\n },\n plugins: [],\n}\nexport default config\n" }, { "path": "web/tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"target\": \"es5\",\n \"lib\": [\"dom\", \"dom.iterable\", \"esnext\"],\n \"allowJs\": true,\n \"skipLibCheck\": true,\n \"strict\": true,\n \"noEmit\": true,\n \"esModuleInterop\": true,\n \"module\": \"esnext\",\n \"moduleResolution\": \"bundler\",\n \"resolveJsonModule\": true,\n \"isolatedModules\": true,\n \"jsx\": \"preserve\",\n \"incremental\": true,\n \"plugins\": [\n {\n \"name\": \"next\"\n }\n ],\n \"paths\": {\n \"@/*\": [\"./*\"]\n }\n },\n \"include\": [\"next-env.d.ts\", \"**/*.ts\", \"**/*.tsx\", \".next/types/**/*.ts\"],\n \"exclude\": [\"node_modules\"]\n}\n" }, { "path": "web/utils/email-validation.ts", "content": "const blacklist = [\n \"nqmo.com\",\n \"qabq.com\",\n \"mailinator.com\",\n \"10minutemail.com\",\n \"guerrillamail.com\",\n \"temp-mail.org\",\n \"yopmail.com\",\n \"throwawaymail.com\",\n \"dispostable.com\",\n \"getnada.com\",\n \"maildrop.cc\",\n \"pastryofistanbul.com\",\n \"litepax.com\",\n \"raleigh-construction.com\",\n \"questtechsystems.com\",\n \"teihu.com\",\n \"oakon.com\",\n \"namestal.com\"\n];\n\nconst pattern =\n /^(([^<>()[\\]\\\\.,;:\\s@\"]+(\\.[^<>()[\\]\\\\.,;:\\s@\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$/;\n\nexport const validateEmail = (email: string) => {\n const emailLower = email.toLowerCase();\n const domain = emailLower.split(\"@\")[1];\n\n if (!pattern.test(emailLower)) return false;\n if (blacklist.includes(domain)) return false;\n\n return true;\n};\n" } ]