// Cloudflare Worker for Binance / OKX P2P proxy
// Deploy free at https://workers.cloudflare.com

const ALLOWED = ['p2p.binance.com', 'www.okx.com'];

export default {
  async fetch(request) {
    const corsHeaders = {
      'Access-Control-Allow-Origin': '*',
      'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
      'Access-Control-Allow-Headers': 'Content-Type',
    };
    if (request.method === 'OPTIONS') {
      return new Response(null, { headers: corsHeaders });
    }
    const url = new URL(request.url);
    const target = url.searchParams.get('url');
    if (!target) {
      return json({ error: 'missing url param' }, 400, corsHeaders);
    }
    let t;
    try { t = new URL(target); } catch {
      return json({ error: 'invalid url' }, 400, corsHeaders);
    }
    if (!ALLOWED.includes(t.hostname)) {
      return json({ error: 'host not allowed' }, 403, corsHeaders);
    }
    const init = {
      method: request.method,
      headers: {
        'Content-Type': 'application/json',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)',
        'Accept': 'application/json',
      },
    };
    if (request.method === 'POST') {
      init.body = await request.text();
    }
    try {
      const r = await fetch(target, init);
      const body = await r.text();
      return new Response(body, {
        status: r.status,
        headers: { 'Content-Type': 'application/json', ...corsHeaders },
      });
    } catch (e) {
      return json({ error: e.message }, 502, corsHeaders);
    }
  },
};

function json(obj, status, headers) {
  return new Response(JSON.stringify(obj), {
    status,
    headers: { 'Content-Type': 'application/json', ...headers },
  });
}