-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathworker.js
More file actions
61 lines (61 loc) · 2.09 KB
/
worker.js
File metadata and controls
61 lines (61 loc) · 2.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
const TARGET_ORIGIN = "https://example.com"; // Example API Origin (as Google Gemini & Groq & OpenAI & etc.)
const CNPASSONLY = false; // Only Allow Requests from China Mainland (true or false)
// --------------------------------------------------
export default {
async fetch(request, env, ctx) {
// Request Geo Verification
if (CNPASSONLY) {
const country = (request.cf && request.cf.country) || "XX";
if (country !== "CN") {
return new Response(
JSON.stringify({
error: {
code: "forbidden_country",
message: "This endpoint is only accessible from CN.",
},
}),
{
status: 403,
headers: {
"Content-Type": "application/json; charset=utf-8",
},
}
);
}
}
const requestUrl = new URL(request.url);
// Build Request URL
const upstreamUrl = new URL(requestUrl.toString());
upstreamUrl.protocol = "https:";
upstreamUrl.host = new URL(TARGET_ORIGIN).host;
// keep original request headers and body
const upstreamRequest = new Request(upstreamUrl.toString(), request);
// forward to Target API
const upstreamResponse = await fetch(upstreamRequest, {
redirect: "manual",
});
// add CORS headers
const respHeaders = new Headers(upstreamResponse.headers);
const origin = request.headers.get("Origin");
if (origin) {
respHeaders.set("Access-Control-Allow-Origin", origin);
respHeaders.set("Vary", "Origin");
respHeaders.set("Access-Control-Allow-Credentials", "true");
respHeaders.set(
"Access-Control-Allow-Headers",
request.headers.get("Access-Control-Request-Headers") ||
"Authorization, Content-Type"
);
respHeaders.set(
"Access-Control-Allow-Methods",
"GET, POST, PUT, PATCH, DELETE, OPTIONS"
);
}
// pass through the response
return new Response(upstreamResponse.body, {
status: upstreamResponse.status,
statusText: upstreamResponse.statusText,
headers: respHeaders,
});
},
};