Developer Reference Suite

Proxy API Specification

Introduction

Welcome to CORS KEVINS, a lightweight request proxy utility. Our platform provides clean proxying for developers running client-side React, Vue, Next.js, or HTML applications blocked by standard Cross-Origin browser policies. We operate a direct server-side proxy route with zero logs or payload caching.

Routing Latency

Edge-Accelerated

Security Cipher

AES-256 TLS 1.3

Origin Support

Wildcard (*)

Quick Start

To route any request through the proxy, simply encode your target destination URL as a query parameter called url. Our backend will process the headers and body transparently and return the payload with complete CORS support.

fast_proxy_init.js

// Just prefix your API endpoint with our proxy URL!
const corsFreeUrl = `https://cors-kevins.vercel.app/api/proxy?url=${encodeURIComponent('https://api.example.com/data')}`;

const response = await fetch(corsFreeUrl);
const data = await response.json();

JavaScript Implementation

Utilize the browser native fetch API with parameter encoding. Always make sure to use encodeURIComponent() to secure character compliance.

ajax_forwarder.js

// Browser Native Fetch Implementation
function fetchUserData() {
  const target = 'https://api.github.com/users/octocat';
  const proxy = 'https://cors-kevins.vercel.app/api/proxy?url=' + encodeURIComponent(target);

  fetch(proxy)
    .then(res => {
      if (!res.ok) throw new Error('Network error');
      return res.json();
    })
    .then(data => console.log('Bypassed Data:', data))
    .catch(error => console.error('Fetch Failed:', error));
}

React.js Hook Integration

Implement a custom React hook that wraps the proxy address safely for high frequency reloading and component isolation.

useBypassFetch.jsx

// React.js Fetch Hook Pattern
import { useState, useEffect } from 'react';

export function useBypassFetch(targetUrl) {
  const [data, setData] = useState(null);
  const [loading, setLoading] = useState(true);

  useEffect(() => {
    const proxyUrl = `https://cors-kevins.vercel.app/api/proxy?url=${encodeURIComponent(targetUrl)}`;
    
    fetch(proxyUrl)
      .then(res => res.json())
      .then(json => {
        setData(json);
        setLoading(false);
      });
  }, [targetUrl]);

  return { data, loading };
}

Next.js App Router Integration

Connect within server routes to ensure full compliance of credentials or private API keys without exposing secrets to the browser window.

app/api/proxy-router/route.ts

// Next.js Server Component or Route Handler
import { NextRequest, NextResponse } from 'next/server';

export async function GET(request: NextRequest) {
  const target = 'https://api.stripe.com/v1/charges';
  const proxyUrl = `https://cors-kevins.vercel.app/api/proxy?url=${encodeURIComponent(target)}`;

  const res = await fetch(proxyUrl, {
    headers: {
      'Authorization': 'Bearer ' + process.env.STRIPE_SECRET_KEY
    }
  });

  const charges = await res.json();
  return NextResponse.json(charges);
}

Node.js Server

Configure back-end tunnels inside Node environment for headless scripting or scraper routines.

server_proxy.js

// Node.js standard HTTPS and request modules
const axios = require('axios');

async function callBlockedResource() {
  const target = 'https://api.medium.com/v1/me';
  const proxy = `https://cors-kevins.vercel.app/api/proxy?url=${encodeURIComponent(target)}`;

  const response = await axios.get(proxy, {
    headers: { 'Authorization': 'Bearer YOUR_TOKEN' }
  });
  console.log(response.data);
}

Python Integration

Using standard Python requests with parameter URL coding to read json streams bypassing certificate blocks.

get_bypassed_data.py

# Python 3.x requests implementation
import requests
import urllib.parse

target_url = "https://api.twitter.com/2/tweets"
encoded_target = urllib.parse.quote(target_url)
proxy_url = f"https://cors-kevins.vercel.app/api/proxy?url={encoded_target}"

headers = { "Authorization": "Bearer YOUR_BEARER" }
response = requests.get(proxy_url, headers=headers)

print(response.status_code)
print(response.json())

PHP Integration

Connect via standard PHP curl or Guzzle package wrappers seamlessly.

client_proxy.php

<?php
// PHP 8+ Guzzle HTTP client configuration
require 'vendor/autoload.class.php';

$client = new \GuzzleHttp\Client();
$targetUrl = 'https://api.linkedin.com/v2/me';
$proxyUrl = 'https://cors-kevins.vercel.app/api/proxy?url=' . urlencode($targetUrl);

$response = $client->request('GET', $proxyUrl, [
    'headers' => [
        'Authorization' => 'Bearer YOUR_TOKEN',
    ]
]);

echo $response->getBody();

cURL Terminal command

Test proxy tunnels directly in your shell terminals with forwarded header directives.

command_line.sh

# cURL requests with forwarded request headers
curl -X GET "https://cors-kevins.vercel.app/api/proxy?url=https%3A%2F%2Fapi.github.com%2Fzen" \
     -H "Accept: application/json" \
     -H "x-custom-developer-header: cors-kevins"

Response Format

If querying in metadata mode (metadata=true), the proxy returns an advanced structured JSON envelope detailing request metadata, status codes, and forwarded headers. Otherwise, the proxy resolves transparently, acting as the resource host itself.

metadata_response_payload.json

{
  "success": true,
  "status": 200,
  "statusText": "OK",
  "latency": 45,
  "contentType": "application/json",
  "size": 134,
  "headers": {
    "content-type": "application/json; charset=utf-8",
    "cache-control": "public, max-age=86400",
    "server": "cloudflare"
  },
  "body": "{\n  \"message\": \"CORS resolved successfully\"\n}"
}

Error Codes

Standard client and gateway error codes returned during proxy session resolving:

HTTP Code	Name	Root Cause
400 Bad Request	INVALID_URL	Target URL query is missing or format is completely incorrect.
403 Forbidden	BLOCKED_ORIGIN	Destination endpoint explicitly bans general server middleware ranges.
502 Bad Gateway	HOST_UNRESOLVABLE	The remote host name could not be resolved, or target service is offline.

Rate Limits

Our standard public tier allows up to 10,000 requests per IP address per hour. If you exceed this window, the serverless relay responds with standard 429 Too Many Requests. Need custom configuration? Connect with the Kevins Core team.

Frequently Asked Questions

Are proxy payloads logged or cached by CORS KEVINS?

No. To enforce absolute privacy, our Edge network acts as a transparent flow-through conduit. Payload arrays are held only in short-lived serverless RAM cycles and are never recorded on disk.

Does this support binary transfers, PDFs, and image sources?

Yes. When querying the transparent endpoint (without metadata=true), we clone and return the exact binary stream, content-length, and content-type headers returned by the host.

How do preflight preflight OPTIONS requests work?

When a browser sends preflight OPTIONS checking origin capabilities, CORS KEVINS automatically intercept-responds with full authorization headers, preventing local network cancellations.