Cacao is a Cross-Origin (CORS) proxy. It allows Javascript running in a web browser to access a remote HTTP resource without cross-origin restrictions. It runs on several different platforms, and essentially works by adding a Access-Control-Allow-Origin: *
header to an HTTP response.
This Cacao Browser Extension is for Chrome and Firefox browsers. It may work on Edge, but it has not yet been tested.
The production release of the extension is available from:
To run a development copy from this source tree, you can:
- Run:
$ npm install
$ npm run build
- Then:
- On Chrome, go to
chrome://extensions
andLoad unpacked
- On Firefox, go to
about:debugging
andLoad Temporary Add-on...
- Go to the Cacao extension options page (about:addons on Firefox) and configure your proxy settings.
Note in Chrome that to use the extension on HTTPS sites, you will need to click the "shield" icon to allow the Cacao script to mix HTTP and HTTPS content. This step is not necessary for Firefox.
The Cacao Browser Extension's architecture is to implement an interceptor for the Fetch API, then to tunnel requests for "magic hostports" to the content script, where it can bypass CORS.
See Cacao Proxy for more details.
Michael FIG michael+cacao@fig.org, 2018-12-12