Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Resolving CORS Restrictions in Node.js #4761

Open
yixinNB opened this issue May 13, 2024 · 2 comments
Open

feat: Resolving CORS Restrictions in Node.js #4761

yixinNB opened this issue May 13, 2024 · 2 comments
Labels
enhancement New feature or request

Comments

@yixinNB
Copy link

yixinNB commented May 13, 2024

馃殌 Feature

Resolve CORS Restrictions in Node.js

Motivation

In Node.js, I'm attempting to employ Pyodide for executing Python scripts uploaded by users, leveraging its strong isolation environment. However, certain Python scripts might employ the requests library to scrape web pages. While WebAssembly theoretically doesn't face CORS limitations in Node.js, Pyodide continues to encounter errors during runtime.

Pitch

Crawling web pages with python in nodejs and pyodide environments without cors limitations

Alternatives

I considered CORS proxy, but I would like to run user uploaded python code in pyodide as if it were running locally, without special handling. Additionally, I would like to increase the security of the code by using pyodide's sandboxing mechanism and nodejs' sandboxing mechanism (e.g. vm2).

Additional context

/lib/python3.11/site-packages/urllib3/connectionpool.py:1101: InsecureRequestWarning: Unverified HTTPS request is being made to host 'api.live.bilibili.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warnings
  warnings.warn(
Can't stream HTTP requests because: 
  Page is not cross-origin isolated
 Worker or Blob classes are not available in this environment.
@yixinNB yixinNB added the enhancement New feature or request label May 13, 2024
@hoodmane
Copy link
Member

hoodmane commented May 14, 2024
edited

Thanks for the report @yixinNB! think this should be urllib3 issue. Cc @joemarshall.

@joemarshall
Copy link
Contributor

This is a urllib3 warning.

Requests will in theory work fine as long as you have a package that implements xmlhttprequest loaded, but you won't be able to stream data, these http requests will be downloaded then the full body returned to python in one go.

It would be possible to implement support for node.js streaming requests in urllib3 (and thus requests) on versions of node with worker-threads and atomics support, which I think pretty much anything that reasonably supports pyodide would run happily. If you could find funding for it I could do it (I wrote the emscripten browser support for urllib3), I don't think it would be masses of work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joemarshall @hoodmane @yixinNB