Making Requests via cors-proxy


cors-proxy is a simple service to enable taskcluster frontend services to make access remote endpoints that disallow cross origin requests.

Any website in the domain whilelist can make remote requests through cors-proxy.

Making a request

The cors-proxy service exposes the /request endpoint. You make a POST request to this endpoint and in the request body, you pass the remote website request parameters, in json format.

$.ajax({
  url: 'http://cors-proxy.taskcluster.net/request',
  method: 'POST',
  contentType: 'application/json',
  data: {
    url: 'https://queue.taskcluster.net/v1/ping',
  }
}).done(function(res) {
  console.log(res);
});

The request accepts the following parameters, from which only url is required.

Paramater Description
url Remote URL to connect to
method One of the http standards verbs
headers Additional http headers to send
data Body text
rejectUnauthorized Reject if the https certifcate is not valid. Default: true.

Exposing headers

By default, the browser allows Javascript code access to only a small set of response headers. If you want to access one or more headers denied by default, you can use the X-Cors-Proxy-Expose-Headers header. You set it to the list of headers you want to access, separate by comma. On response, the cors-proxy will set the Access-Control-Expose-Headers header with the list you passed.