[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-11695":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":9,"totalLinesOfCode":9,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":9,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":31,"readmeContent":32,"aiSummary":33,"trendingCount":16,"starSnapshotCount":16,"syncStatus":34,"lastSyncTime":35,"discoverSource":36},11695,"ladder","everywall\u002Fladder","everywall","Selfhosted alternative to 12ft.io. and 1ft.io. Proxy to remove CORS headers and modify HTML",null,"https:\u002F\u002Fgithub.com\u002Feverywall\u002Fladder","Go",8010,455,31,19,0,18,50,282,54,110.98,false,"main",[25,26,27,28,29,30],"bypass","paywall","paywall-blocker","paywall-bypasser","cors","cors-proxy","2026-06-12 04:00:55","\u003Cp align=\"center\">\n    \u003Cimg src=\"assets\u002Fpigeon.svg\" width=\"100px\">\n\u003C\u002Fp>\n\n\u003Ch1 align=\"center\">Ladder\u003C\u002Fh1>\n\u003Cdiv>\u003Cimg alt=\"License\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002Feverywall\u002Fladder\"> \u003Cimg alt=\"go.mod Go version \" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fgo-mod\u002Fgo-version\u002Feverywall\u002Fladder\"> \u003Cimg alt=\"GitHub tag (with filter)\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Ftag\u002Feverywall\u002Fladder\"> \u003Cimg alt=\"GitHub (Pre-)Release Date\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Frelease-date-pre\u002Feverywall\u002Fladder\"> \u003Cimg alt=\"GitHub Downloads all releases\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fdownloads\u002Feverywall\u002Fladder\u002Ftotal\"> \u003Cimg alt=\"GitHub Build Status (with event)\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Factions\u002Fworkflow\u002Fstatus\u002Feverywall\u002Fladder\u002Frelease-binaries.yaml\">\u003C\u002Fdiv>\n\n\n*Ladder is a http web proxy.* \n\n[简体中文](README.zh-CN.md)\n\nLadder is a developer tool for testing and analyzing paywall implementations and content delivery behavior on modern websites.\n\nIt allows developers, researchers, and publishers to simulate different client environments (such as browsers and crawlers) and observe how content is served under varying conditions. This makes it useful for debugging paywall configurations, verifying access controls, http headers, and ensuring consistent behavior across different user agents.\n\nLadder is intended for legitimate testing, research, and quality assurance purposes only. It should only be used in compliance with applicable laws and the terms of service of the target website.\n\n![screenshot](ladder.png)\n\n### How it works\n\n```mermaid\nsequenceDiagram\n    client->>+ladder: GET\n    ladder-->>ladder: apply RequestModifications\n    ladder->>+website: GET\n    website->>-ladder: 200 OK\n    ladder-->>ladder: apply ResultModifications\n    ladder->>-client: 200 OK\n```\n\n### Features\n- [x] Remove\u002Fmodify CORS headers from responses, assets, and images ...\n- [x] Remove\u002Fmodify other headers (e.g. Content-Security-Policy)\n- [x] Remove\u002Finject custom code (HTML, CSS, JavaScript) into the page\n- [x] Apply domain based ruleset\u002Fcode to modify response \u002F requested URL\n- [x] Keep site browsable\n- [x] API\n- [x] Fetch RAW HTML\n- [x] Custom User Agent\n- [x] Custom X-Forwarded-For IP\n- [x] [Docker container](https:\u002F\u002Fgithub.com\u002Feverywall\u002Fladder\u002Fpkgs\u002Fcontainer\u002Fladder) (amd64, arm64)\n- [x] Linux binary\n- [x] Mac OS binary\n- [x] Windows binary (untested)\n- [x] Basic Auth\n- [x] Access logs\n- [x] Might break tracking, adds and other 3rd party content\n- [x] Limit the proxy to a list of domains\n- [x] Expose Ruleset to other ladders\n- [ ] Robots.txt testing\n- [ ] Optional TOR proxy\n- [ ] A key to share a proxied URL\n\n### Limitations\nSome websites deliver different content (Cloaking) depending on the type of client accessing them (for example, search engine crawlers versus standard web browsers). Ladder can be configured to emulate different client types in order to retrieve publicly accessible content for testing, automation, or research purposes.\n\nHowever, many websites implement advanced mechanisms to restrict automated access, such as fingerprinting, rate limiting, or behavioral analysis. Ladder does not circumvent such protections and may not function correctly on services that actively restrict or control access.\n\nThird-party tools such as FlareSolverr exist and may be used independently to render web pages in a headless browser environment. These tools are not part of Ladder, and their use may be subject to legal and contractual restrictions. Users are solely responsible for ensuring that their usage complies with all applicable regulations.\n\n## Installation\n\n> **Warning:** If your instance will be publicly accessible, make sure to enable Basic Auth. This will prevent unauthorized users from using your proxy. If you do not enable Basic Auth, anyone can use your proxy to browse nasty\u002Fillegal stuff. And you will be made responsible for it.\n\n### Binary\n1) Download binary [here](https:\u002F\u002Fgithub.com\u002Feverywall\u002Fladder\u002Freleases\u002Flatest)\n2) Unpack and run the binary `.\u002Fladder -r https:\u002F\u002Fraw.githubusercontent.com\u002Feverywall\u002Fladder-rules\u002Fmain\u002Fruleset.yaml`\n3) Open Browser (Default: http:\u002F\u002Flocalhost:8080)\n\n### Docker\n```bash\ndocker run -p 8080:8080 -d --env RULESET=https:\u002F\u002Fraw.githubusercontent.com\u002Feverywall\u002Fladder-rules\u002Fmain\u002Fruleset.yaml --name ladder ghcr.io\u002Feverywall\u002Fladder:latest\n```\n\n### Docker Compose\n```bash\ncurl https:\u002F\u002Fraw.githubusercontent.com\u002Feverywall\u002Fladder\u002Fmain\u002Fdocker-compose.yaml --output docker-compose.yaml\ndocker-compose up -d\n```\n\n### Helm\nSee [README.md](\u002Fhelm-chart\u002FREADME.md) in helm-chart sub-directory for more information.\n\n## Usage\n\n### Browser\n1) Open Browser (Default: http:\u002F\u002Flocalhost:8080)\n2) Enter URL\n3) Press Enter\n\nOr direct by appending the URL to the end of the proxy URL:\nhttp:\u002F\u002Flocalhost:8080\u002Fhttps:\u002F\u002Fwww.example.com\n\nOr create a bookmark with the following URL:\n```javascript\njavascript:window.location.href=\"http:\u002F\u002Flocalhost:8080\u002F\"+location.href\n```\n\n### API\n```bash\ncurl -X GET \"http:\u002F\u002Flocalhost:8080\u002Fapi\u002Fhttps:\u002F\u002Fwww.example.com\"\n```\n\n### RAW\nhttp:\u002F\u002Flocalhost:8080\u002Fraw\u002Fhttps:\u002F\u002Fwww.example.com\n\n\n### Running Ruleset\nhttp:\u002F\u002Flocalhost:8080\u002Fruleset\n\n## Configuration\n\n### Environment Variables\n\n| Variable | Description | Value |\n| --- | --- | --- |\n| `PORT` | Port to listen on | `8080` |\n| `PREFORK` | Spawn multiple server instances | `false` |\n| `USER_AGENT` | User agent to emulate | `Mozilla\u002F5.0 (compatible; Googlebot\u002F2.1; +http:\u002F\u002Fwww.google.com\u002Fbot.html)` |\n| `X_FORWARDED_FOR` | IP forwarder address | `66.249.66.1` |\n| `USERPASS` | Enables Basic Auth, format `admin:123456` | `` |\n| `LOG_URLS` | Log fetched URL's | `true` |\n| `DISABLE_FORM` | Disables URL Form Frontpage | `false` |\n| `FORM_PATH` | Path to custom Form HTML | `` |\n| `RULESET` | Path or URL to a ruleset file, accepts local directories | `https:\u002F\u002Fraw.githubusercontent.com\u002Feverywall\u002Fladder-rules\u002Fmain\u002Fruleset.yaml` or `\u002Fpath\u002Fto\u002Fmy\u002Frules.yaml` or `\u002Fpath\u002Fto\u002Fmy\u002Frules\u002F` |\n| `EXPOSE_RULESET` | Make your Ruleset available to other ladders | `true` |\n| `ALLOWED_DOMAINS` | Comma separated list of allowed domains. Empty = no limitations | `` |\n| `ALLOWED_DOMAINS_RULESET` | Allow Domains from Ruleset. false = no limitations | `false` |\n| `FLARESOLVERR_HOST` | URL for the FlareSolverr service for Cloudflare bypass (optional) | `http:\u002F\u002Flocalhost:8191` |\n\n`ALLOWED_DOMAINS` and `ALLOWED_DOMAINS_RULESET` are joined together. If both are empty, no limitations are applied.\n| `BASE_PATH` | Base path for the proxy, useful if you want to run the proxy on a subpath (e.g. http:\u002F\u002Flocalhost:8080\u002Fproxy\u002F) | `` |\n\n### Ruleset\n\nIt is possible to apply custom rules to modify the response or the requested URL. This can be used to remove unwanted or modify elements from the page. The ruleset is a YAML file, a directory with YAML Files, or an URL to a YAML file that contains a list of rules for each domain. These rules are loaded on startup.\n\nThere is a basic ruleset available in a separate repository [ruleset.yaml](https:\u002F\u002Fraw.githubusercontent.com\u002Feverywall\u002Fladder-rules\u002Fmain\u002Fruleset.yaml). Feel free to add your own rules and create a pull request.\n\n\n```yaml\n- domain: example.com          # Includes all subdomains\n  domains:                     # Additional domains to apply the rule\n    - www.example.de\n    - www.beispiel.de\n  headers:\n    x-forwarded-for: none      # override X-Forwarded-For header or delete with none\n    referer: none              # override Referer header or delete with none\n    user-agent: Mozilla\u002F5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit\u002F537.36 (KHTML, like Gecko) Chrome\u002F119.0.0.0 Safari\u002F537.36\n    content-security-policy: script-src 'self'; # override response header\n    cookie: privacy=1\n  regexRules:\n    - match: \u003Cscript\\s+([^>]*\\s+)?src=\"(\u002F)([^\"]*)\"\n      replace: \u003Cscript $1 script=\"\u002Fhttps:\u002F\u002Fwww.example.com\u002F$3\"\n  injections:\n    - position: head # Position where to inject the code\n      append: |      # possible keys: append, prepend, replace\n        \u003Cscript>\n          window.localStorage.clear();\n          console.log(\"test\");\n          alert(\"Hello!\");\n        \u003C\u002Fscript>\n- domain: www.anotherdomain.com # Domain where the rule applies\n  useFlareSolverr: false        # Use FlareSolverr for Cloudflare bypass (optional, default: false)\n  paths:                        # Paths where the rule applies\n    - \u002Farticle\n  googleCache: false            # Use Google Cache to fetch the content\n  regexRules:                   # Regex rules to apply\n    - match: \u003Cscript\\s+([^>]*\\s+)?src=\"(\u002F)([^\"]*)\"\n      replace: \u003Cscript $1 script=\"\u002Fhttps:\u002F\u002Fwww.example.com\u002F$3\"\n  injections:\n    - position: .left-content article .post-title # Position where to inject the code into DOM\n      replace: | \n        \u003Ch1>My Custom Title\u003C\u002Fh1>\n    - position: .left-content article # Position where to inject the code into DOM\n      prepend: | \n        \u003Ch2>Subtitle\u003C\u002Fh2>\n- domain: demo.com\n  headers:\n    content-security-policy: script-src 'self';\n    user-agent: Mozilla\u002F5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit\u002F537.36 (KHTML, like Gecko) Chrome\u002F119.0.0.0 Safari\u002F537.36\n  urlMods:              # Modify the URL\n    query:              \n      - key: amp        # (this will append ?amp=1 to the URL)\n        value: 1 \n    domain:             \n      - match: www      # regex to match part of domain\n        replace: amp    # (this would modify the domain from www.demo.de to amp.demo.de)\n    path:               \n      - match: ^        # regex to match part of path\n        replace: \u002Famp\u002F  # (modify the url from https:\u002F\u002Fwww.demo.com\u002Farticle\u002F to https:\u002F\u002Fwww.demo.de\u002Famp\u002Farticle\u002F)\n```\n\n## FlareSolverr Integration\n\nLadder now supports integration with [FlareSolverr](https:\u002F\u002Fgithub.com\u002FFlareSolverr\u002FFlareSolverr) to bypass Cloudflare protection and other anti-bot challenges. This is particularly useful for sites that employ sophisticated bot detection mechanisms.\n\n### Setting up FlareSolverr\n\n1. **Using Docker Compose (Recommended):**\n   ```yaml\n   # docker-compose.yaml\n   services:\n     ladder:\n       image: ghcr.io\u002Feverywall\u002Fladder:latest\n       ports:\n         - \"8080:8080\"\n       environment:\n         - RULESET=https:\u002F\u002Fraw.githubusercontent.com\u002Feverywall\u002Fladder-rules\u002Fmain\u002Fruleset.yaml\n         # - FLARESOLVERR_HOST=http:\u002F\u002Fflaresolverr:8191\n       depends_on:\n         - flaresolverr\n     \n     flaresolverr:\n       image: ghcr.io\u002Fflaresolverr\u002Fflaresolverr:latest\n       ports:\n         - \"8191:8191\"\n       environment:\n         - LOG_LEVEL=info\n   ```\n\n2. **Running FlareSolverr separately:**\n   ```bash\n   docker run -d \\\n     --name flaresolverr \\\n     -p 8191:8191 \\\n     ghcr.io\u002Fflaresolverr\u002Fflaresolverr:latest\n   ```\n\n   Then start Ladder with the FlareSolverr URL:\n   ```bash\n   FLARESOLVERR_HOST=http:\u002F\u002Flocalhost:8191 .\u002Fladder\n   ```\n\n### Configuring Rules for FlareSolverr\n\nTo use FlareSolverr for specific domains, add the `useFlareSolverr: true` flag in your ruleset:\n\n```yaml\n# Example ruleset with FlareSolverr\n- domain: cloudflare-protected-site.com\n  useFlareSolverr: true  # Enable FlareSolverr for this domain\n  headers:\n    user-agent: \"Mozilla\u002F5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\u002F537.36\"\n    accept: \"text\u002Fhtml,application\u002Fxhtml+xml,application\u002Fxml;q=0.9,*\u002F*;q=0.8\"\n\n# Regular site without FlareSolverr\n- domain: regular-site.com\n  headers:\n    user-agent: \"Custom User Agent 1.0\"\n```\n\n### Use Cases\n\nFlareSolverr integration is particularly useful for:\n- **Cloudflare-protected sites**: Sites using Cloudflare's anti-bot challenges\n- **Sites with JavaScript challenges**: Pages that require JavaScript execution to access content\n- **Dynamic content loading**: Sites that load content dynamically through JavaScript\n- **Advanced bot detection**: Sites using sophisticated fingerprinting and bot detection techniques\n\n### Important Notes\n\n- FlareSolverr adds additional latency to requests as it needs to solve challenges\n- Only enable `useFlareSolverr` for domains that actually need it to maintain performance\n- FlareSolverr requires more resources as it runs a headless browser\n- Make sure FlareSolverr is running and accessible before enabling it in your ruleset\n\n## Development\n\nTo run a development server at http:\u002F\u002Flocalhost:8080:\n\n```bash\necho \"dev\" > handlers\u002FVERSION\nRULESET=\".\u002Fruleset.yaml\" go run cmd\u002Fmain.go\n```\n\n### Optional: Live reloading development server with [cosmtrek\u002Fair](https:\u002F\u002Fgithub.com\u002Fcosmtrek\u002Fair)\n\nInstall air according to the [installation instructions](https:\u002F\u002Fgithub.com\u002Fcosmtrek\u002Fair#installation). \n\nRun a development server at http:\u002F\u002Flocalhost:8080:\n\n```bash\nair # or the path to air if you haven't added a path alias to your .bashrc or .zshrc\n```\n\nThis project uses [pnpm](https:\u002F\u002Fpnpm.io\u002F) to build a stylesheet with the [Tailwind CSS](https:\u002F\u002Ftailwindcss.com\u002F) classes. For local development, if you modify styles in `form.html`, run `pnpm build` to generate a new stylesheet.\n","Ladder 是一个 HTTP 网络代理工具，用于测试和分析现代网站上的付费墙实现和内容传递行为。其核心功能包括移除或修改CORS头、其他HTTP头（如Content-Security-Policy），以及向页面注入自定义代码（HTML、CSS、JavaScript）。此外，它还支持基于域名的规则集来修改响应或请求URL，并保持网站的可浏览性。Ladder 适用于开发者、研究人员及出版商在合法合规的前提下进行调试、验证访问控制、确保跨不同用户代理的一致性表现等场景。此工具提供API接口、Docker容器镜像及多平台二进制文件，便于部署与使用。",2,"2026-06-11 03:32:18","trending"]