JMM’s notes on


Command Line

Reverse proxy to bypass CORS

First of all, this is really dumb and you shouldn’t do this. This command is used to make a reverse proxy listening on port 9000 that forwards requests to another service (in my case, Zotero), faking CORS protections. Zotero also checks the User-Agent, so I strip that off the request.

mitmdump --listen-port 9000 --mode reverse: --modify-headers '/~s/Access-Control-Allow-Origin/' --modify-headers '/~q/User-Agent/' --modify-headers '|~hq "Origin:"|Origin|'

Also note here that while I only try to strip matching Origin headers, it does not do an exact match. That is, it’ll incorrectly match “Origin: https://jmm.iosomething”.