0

I'm trying to get the source html for a page using just JS in chrome but it looks like that Same-Origin Policy won't let me.

I'm aware of how to set up a proxy, and how to build a scraper in any other language, but I'm trying to make a tool available that anyone can run easily by just opening an html file.

I just need to know if anyone knows of any way to fetch a url using plain JS or with some library that can be included in html and either setting the 'origin' header or removing it altogether since I think that would work as well.

If it's actually impossible then I get it, browsers wouldn't want to give you such an easy out for hijacking sites.

Diego Cuadros
  • 196
  • 1
  • 12
  • 1
    It is not possible without disabling the security policies, would using a reverse proxy work for your use case? You send a request from javascript to the proxy and the proxy retrieves the content using a service-side language that ignores same-site settings. – MaartenDev May 15 '21 at 19:16
  • "either setting the 'origin' header" — Impossible for obvious security reasons – Quentin May 15 '21 at 19:19
  • "removing it altogether since I think that would work as well" — Stopping the browser from telling the remote site where the request was coming from (aside from being impossible) wouldn't help because the browser would still deny the JS access to the response. – Quentin May 15 '21 at 19:20
  • @MaartenDev The proxy could work but are there any publicly available that I don't have to set up? The point is I'm trying to make this available to everyone and not depend on any server I'm hosting for anything. Or one I could set up for free and forget about. – Diego Cuadros May 15 '21 at 21:46

0 Answers0