Same-origin CORS proxy without allowlist, fix desktop CSS and font MIME types

- CORS proxy: inject /cors-proxy/ route into server-main.js (same-origin,
  no separate port needed). Remove allowlist so all external URLs are proxied.
- Shim: rewrite all external https:// fetch requests to /cors-proxy/HOST/path
- Desktop CSS: add <link> tag for workbench.desktop.main.css (Tailwind v4)
  since the HTML has workbench.css, not workbench.web.main.css
- MIME types: add .ttf (font/ttf) and .woff2 (font/woff2) for icon fonts
- localFilesystem: don't pretend files under .cursor/ exist (fixes
  createFile "already exists" errors for log files)

Author: kleberbaum

patch-cursor-web.sh

@@ -126,11 +126,19 @@ WB_HTML="$SERVDIR/out/vs/code/browser/workbench/workbench.html"
 python3 -c "
 html = open('$WB_HTML').read()
 
-# Replace web CSS with desktop CSS
+# Add desktop CSS (contains Tailwind v4 runtime + Cursor-specific styles)
+# The HTML has workbench.css (not workbench.web.main.css), so replace doesn't work.
+# Instead, add a second <link> for the desktop CSS.
 html = html.replace(
     'workbench/workbench.web.main.css',
     'workbench/workbench.desktop.main.css'
 )
+desktop_css_link = '<link rel=\"stylesheet\" href=\"{{WORKBENCH_WEB_BASE_URL}}/out/vs/workbench/workbench.desktop.main.css\">'
+if 'workbench.desktop.main.css' not in html:
+    html = html.replace(
+        '</head>',
+        '\t' + desktop_css_link + '\n\t</head>'
+    )
 
 # Replace web workbench loader with desktop shim
 html = html.replace(
@@ -462,6 +470,9 @@ if old in js and 'style="display:none' not in js[js.find(old):js.find(old)+200]
     changed = True
     print('  update notification suppressed')
 
+# 7t. Keep default Editor layout
+# (no change needed — M0.Editor is already the default)
+
 if changed:
     open(f, 'w').write(js)
 PATCH_DESKTOP_EOF
@@ -495,14 +506,12 @@ import sys
 f = sys.argv[1]
 js = open(f).read()
 
-# 8a. CSP connect-src: add CORS proxy origin
+# 8a. CSP connect-src: same-origin proxy, no external origin needed
 old = "connect-src 'self' ws: wss: https:;"
-new = "connect-src 'self' ws: wss: https: http://127.0.0.1:9080;"
 if old in js:
-    js = js.replace(old, new, 1)
-    print('  connect-src: added CORS proxy origin')
-elif new in js:
-    print('  connect-src: already patched')
+    print('  connect-src: already allows https: (no change needed)')
+elif 'connect-src' in js:
+    print('  connect-src: non-standard, skipping')
 
 # 8b. CSP font-src: add vscode-remote-resource
 old = "font-src 'self' blob:;"
@@ -532,14 +541,31 @@ if old in js:
 elif 'o="1.105.1";let r=ZS' in js:
     print('  U0() already patched')
 
-# 8e. MIME type: add .wasm for WebAssembly
+# 8e. MIME types: add .wasm, .ttf, .woff2
 old = '".woff":"application/font-woff"'
-new = '".wasm":"application/wasm",".woff":"application/font-woff"'
+new = '".wasm":"application/wasm",".ttf":"font/ttf",".woff":"application/font-woff",".woff2":"font/woff2"'
 if old in js and '".wasm"' not in js:
     js = js.replace(old, new, 1)
-    print('  MIME: added .wasm')
-elif '".wasm"' in js:
-    print('  MIME: .wasm already present')
+    print('  MIME: added .wasm, .ttf, .woff2')
+elif '".wasm"' in js and '".ttf"' not in js:
+    old2 = '".wasm":"application/wasm",".woff":"application/font-woff"'
+    new2 = '".wasm":"application/wasm",".ttf":"font/ttf",".woff":"application/font-woff",".woff2":"font/woff2"'
+    if old2 in js:
+        js = js.replace(old2, new2, 1)
+        print('  MIME: added .ttf, .woff2')
+elif '".ttf"' in js:
+    print('  MIME: .ttf/.woff2 already present')
+
+# 8f0. Inject /cors-proxy/ route into server request handler (same-origin, no allowlist)
+# URL format: /cors-proxy/<target-host>/path → https://<target-host>/path
+# Must go BEFORE the GET-only method check since API calls use POST.
+old = 'handleRequest(e,n){if(e.method!=="GET")'
+cors_route = r'''handleRequest(e,n){let _u=new URL(e.url||"/",`http://${e.headers.host}`),_p=_u.pathname;if(this._serverBasePath!==void 0&&_p.startsWith(this._serverBasePath)){_p=_p.substring(this._serverBasePath.length);if(_p[0]!=="/")_p="/"+_p}if(_p.startsWith("/cors-proxy/")){const _cp=_p.substring(12),_si=_cp.indexOf("/"),_host=_si>0?_cp.substring(0,_si):_cp,_path=_si>0?_cp.substring(_si):"/";if(e.method==="OPTIONS"){n.writeHead(200,{"access-control-allow-origin":"*","access-control-allow-methods":"GET, POST, PUT, DELETE, OPTIONS","access-control-allow-headers":"*","access-control-max-age":"86400"});n.end();return}const _https=yH("https"),_chunks=[];e.on("data",_c=>_chunks.push(_c));e.on("end",()=>{const _body=Buffer.concat(_chunks),_fh={...e.headers};delete _fh["host"];delete _fh["origin"];delete _fh["referer"];delete _fh["connection"];delete _fh["accept-encoding"];_fh["host"]=_host;const _opts={hostname:_host,port:443,path:_path+(_u.search||""),method:e.method,headers:_fh},_pr=_https.request(_opts,_res=>{const _rh={..._res.headers};_rh["access-control-allow-origin"]="*";_rh["access-control-expose-headers"]="*";delete _rh["access-control-allow-credentials"];n.writeHead(_res.statusCode,_rh);_res.pipe(n)});_pr.on("error",_e=>{n.writeHead(502,{"Content-Type":"text/plain"});n.end("Proxy error: "+_e.message)});if(_body.length>0)_pr.write(_body);_pr.end()});return}if(e.method!=="GET")'''
+if old in js and '/cors-proxy/' not in js:
+    js = js.replace(old, cors_route, 1)
+    print('  CORS proxy route injected at /cors-proxy/')
+elif '/cors-proxy/' in js:
+    print('  CORS proxy route already present')
 
 open(f, 'w').write(js)
 PATCH_SERVER_EOF

workbench-desktop-shim.js

@@ -2,39 +2,29 @@
  * Cursor Web — desktop workbench in browser with IPC bridge
  *--------------------------------------------------------*/
 
-// === CORS Proxy for Cursor API calls ===
-// The desktop workbench makes fetch/gRPC calls to api[2-5].cursor.sh and
-// various agent subdomains. All are blocked by CORS in the browser.
-// Intercept and route through local proxy.
+// === CORS Proxy — route ALL external fetch through same-origin /cors-proxy/ ===
+// No allowlist. URL: /cors-proxy/HOST/path → https://HOST/path
 {
     const _originalFetch = window.fetch;
-    const PROXY_PORT = parseInt(new URLSearchParams(window.location.search).get('cors_port') || '9080', 10);
-    // Match Cursor API endpoints + Statsig feature flag domains (CORS-blocked in browser)
-    const _cursorApiRe = /https?:\/\/(?:[a-z0-9-]*\.?(?:api[2-5]\.cursor\.sh)|api\.statsigcdn\.com|featureassets\.org|prodregistryv2\.org|statsigapi\.net)/;
-    // Rewrite vscode-remote:// URLs to local HTTP resource endpoint
+    const _externalRe = /^https?:\/\/([^/]+)/;
     const _vsRemoteRe = /^vscode-remote:\/\/[^/]+(\/.*)$/;
     window.fetch = function(input, init) {
         let url = (input instanceof Request) ? input.url : String(input);
-        // Handle vscode-remote:// scheme (extension resources loaded by desktop workbench)
         const rm = url.match(_vsRemoteRe);
         if (rm) {
             const resourcePath = rm[1];
             const rewritten = window.location.origin + '/vscode-remote-resource?path=' + encodeURIComponent(resourcePath);
             input = (input instanceof Request) ? new Request(rewritten, input) : rewritten;
         }
-        const m = url.match(_cursorApiRe);
-        if (m) {
-            const originalHost = m[0].replace(/^https?:\/\//, '');
-            const proxied = url.replace(_cursorApiRe, `http://127.0.0.1:${PROXY_PORT}`);
+        const m = url.match(_externalRe);
+        if (m && !url.startsWith(window.location.origin)) {
+            const targetHost = m[1];
+            const pathStart = url.indexOf('/', url.indexOf('://') + 3);
+            const pathAndQuery = pathStart > 0 ? url.substring(pathStart) : '/';
+            const proxied = window.location.origin + '/cors-proxy/' + targetHost + pathAndQuery;
             if (input instanceof Request) {
-                const newInit = { method: input.method, headers: new Headers(input.headers), body: input.body, mode: 'cors', credentials: input.credentials, redirect: input.redirect, referrer: input.referrer, signal: input.signal };
-                newInit.headers.set('X-Proxy-Host', originalHost);
-                input = new Request(proxied, newInit);
+                input = new Request(proxied, { method: input.method, headers: input.headers, body: input.body, credentials: input.credentials, redirect: input.redirect, referrer: input.referrer, signal: input.signal });
             } else {
-                init = init || {};
-                const headers = new Headers(init.headers || {});
-                headers.set('X-Proxy-Host', originalHost);
-                init = { ...init, headers };
                 input = proxied;
             }
         }
@@ -271,13 +261,9 @@ function handleLocalFilesystem(method, arg) {
             path.endsWith('/cache')) {
             return { type: 2, ctime: Date.now(), mtime: Date.now(), size: 0 };
         }
-        // Paths under .cursor/ — return dir stat for dirs, file stat for files
-        if (isUnderCursor) {
-            if (hasExtension) {
-                // Files under .cursor (logs, config, db) — return empty file stat
-                return { type: 1, ctime: Date.now(), mtime: Date.now(), size: 0 };
-            }
-            // Subdirectories
+        // Paths under .cursor/ — only pretend subdirectories exist.
+        // Files should be FileNotFound so createFile can create them.
+        if (isUnderCursor && !hasExtension) {
             return { type: 2, ctime: Date.now(), mtime: Date.now(), size: 0 };
         }
         // Everything else: not found