Self-hosted CORS proxy for Blogs Are Back — deploy your own proxy to fetch RSS feeds and extract article content without CORS restrictions.
- Click the button above
- Sign in to Cloudflare (free account works)
- Authorize the deployment
- Copy your worker URL (e.g.,
https://bab-proxy.username.workers.dev) - In BAB: Settings → Custom Proxy → Paste URL → Validate
- 100,000 requests/day on free tier
- Feed fetching — RSS/Atom with conditional GET support
- Content extraction — Mozilla Readability via linkedom
- Zero cold starts — instant response times
- SSRF protection — blocks private IPs and metadata endpoints
- Optional API key — restrict access to your proxy
# Clone the repo
git clone https://github.com/blogsareback/bab-proxy-worker.git
cd bab-proxy-worker
# Install dependencies
npm install
# Deploy
npm run deployProtect your proxy with an API key:
# Via Wrangler CLI
npx wrangler secret put BAB_API_KEY
# Enter your secret when promptedOr via the Cloudflare dashboard:
- Go to Workers & Pages → Your Worker → Settings → Variables
- Add
BAB_API_KEYas an encrypted variable
Then in BAB, enter the same key in Settings → Custom Proxy → API Key.
Restrict which domains can use your proxy:
npx wrangler secret put ALLOWED_ORIGINS
# Enter comma-separated origins, e.g.: https://blogsareback.com,https://localhost:3000Check proxy status and capabilities.
{
"ok": true,
"version": "2.0.0",
"provider": "cloudflare-worker",
"capabilities": ["fetch", "parse"]
}Fetch an RSS/Atom feed.
Request:
{
"url": "https://example.com/feed.xml",
"headers": {
"If-None-Match": "\"abc123\""
},
"timeout": 10000
}Response:
{
"success": true,
"status": 200,
"headers": {
"content-type": "application/rss+xml",
"etag": "\"abc123\""
},
"body": "<?xml version=\"1.0\"?>..."
}Extract article content from a webpage.
Request:
{
"url": "https://blog.example.com/post",
"format": "both",
"timeout": 15000
}Response:
{
"success": true,
"title": "Article Title",
"byline": "Author Name",
"siteName": "Example Blog",
"excerpt": "A summary...",
"length": 5000,
"htmlContent": "<div>HTML content...</div>",
"textContent": "Plain text content...",
"image": "https://example.com/og-image.jpg"
}| Resource | Limit |
|---|---|
| Requests/day (free) | 100,000 |
| Response size | 10 MB |
| HTML size (parse) | 5 MB |
| Timeout | 30 seconds max |
| CPU time (free tier) | 10ms |
Note: The /parse endpoint may hit CPU limits on very complex pages. For heavy parsing workloads, consider using BAB's server-side parsing or a Vercel/Docker deployment.
npm install
npm run devThis starts a local server at http://localhost:8787.
This proxy includes SSRF protection that blocks:
- Private IP ranges (10.x, 172.16-31.x, 192.168.x, 127.x)
- Cloud metadata endpoints (169.254.169.254)
- Local hostnames (localhost, *.local)