Legal
Terms of Service
Effective Date: May 18, 2026 Last Updated: May 18, 2026
1. Agreement to Terms
By accessing and using the corsproxy.dev service ("Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, please do not use the Service.
2. Service Description
corsproxy.dev provides a CORS (Cross-Origin Resource Sharing) proxy service that allows users to make HTTP requests to external URLs while adding proper CORS headers to responses. The Service is provided as-is on an "AS IS" basis.
3. User Accounts
3.1 Registration
- You must provide accurate, complete, and current information during registration
- You are responsible for maintaining the confidentiality of your password
- You are responsible for all activities that occur under your account
- You must notify us immediately of any unauthorized use of your account
3.2 Account Eligibility
- You must be at least 13 years old to use this Service
- You may not use the Service if you are prohibited by any law or regulation
- You may not use the Service for illegal or harmful purposes
3.3 Account Termination
- We reserve the right to suspend or terminate your account at any time, with or without notice, if we believe you have violated these Terms
- You may request account deletion at any time through the dashboard
4. API Keys
4.1 Generation and Use
- API keys are personal credentials that grant access to the Service
- You are responsible for keeping your API keys confidential
- You must not share your API keys with third parties
- You must not commit API keys to public repositories or expose them in client-side code
4.2 Rate Limiting
- Free tier accounts are limited to 100 requests per day
- Rate limits are enforced per account and per API key
- Limits reset at UTC midnight
- Exceeding rate limits will result in 429 (Too Many Requests) responses
4.3 Key Management
- You may create multiple API keys per account
- API keys are shown only once when created; you cannot retrieve a key you lose
- You may revoke keys at any time through the dashboard
- Revoked keys immediately become invalid
5. Acceptable Use
You agree not to use the Service to:
- Proxy requests to internal, private, or restricted IP addresses
- Perform server-side request forgery (SSRF) attacks
- Access systems without authorization
- Perform denial-of-service attacks or spam
- Access, collect, or store personal data without consent
- Violate any applicable laws or regulations
- Infringe on intellectual property rights
- Harass, abuse, or threaten other users or services
- Interfere with the integrity or performance of the Service
- Reverse engineer or attempt to gain unauthorized access to the Service
- Use the Service for any illegal activity
6. Prohibited Requests
The Service will refuse to proxy requests to:
- 10.0.0.0/8 (Private network range)
- 172.16.0.0/12 (Private network range)
- 192.168.0.0/16 (Private network range)
- 127.0.0.0/8 (Loopback/localhost)
- IPv6 private and loopback addresses
- Any other internal or private networks
7. Service Availability
7.1 "AS IS" Basis
- The Service is provided on an "AS IS" basis without warranties
- We do not guarantee uninterrupted or error-free service
- We may suspend, modify, or discontinue the Service at any time
7.2 Maintenance
- We may perform maintenance that temporarily interrupts service
- We will attempt to provide notice of planned maintenance
7.3 Service Levels
- We do not provide service level agreements (SLAs) for the free tier
- Uptime monitoring and status information is available at https://status.corsproxy.dev
8. Privacy and Data
Your use of the Service is also governed by our Privacy Policy. By using the Service, you consent to the collection and use of data as described in the Privacy Policy.
8.1 Request Logging
- All requests are logged for security, analytics, and abuse prevention
- Logs are retained for 30 days
- Logs are not shared with third parties except as required by law
8.2 Data Security
- We use industry-standard security practices
- API keys are hashed using SHA-256 before storage
- Passwords are hashed using PBKDF2 with 100,000 iterations
- We do not store plaintext API keys or passwords
9. Intellectual Property
9.1 Service Content
- The Service and its content are protected by copyright and other intellectual property laws
- You do not acquire ownership rights to any part of the Service
9.2 User Content
- You retain ownership of any data or code you send through the Service
- You grant us the right to use request data solely for operating and improving the Service
10. Limitations of Liability
TO THE FULLEST EXTENT PERMITTED BY LAW:
- WE ARE NOT LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
- WE ARE NOT LIABLE FOR LOSS OF PROFITS, LOSS OF DATA, OR OTHER BUSINESS INTERRUPTION
- OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNT YOU PAID FOR THE SERVICE IN THE PAST 12 MONTHS
- SOME JURISDICTIONS DO NOT ALLOW LIMITATION OF LIABILITY, SO THESE LIMITS MAY NOT APPLY TO YOU
11. Indemnification
You agree to indemnify and hold harmless corsproxy.dev and its operators from any claims, damages, or costs (including legal fees) arising from:
- Your use of the Service
- Your violation of these Terms
- Your infringement of intellectual property rights
- Your violation of applicable laws
12. Third-Party Services
The Service may proxy requests to third-party services. We are not responsible for:
- The availability or performance of third-party services
- The content, accuracy, or legality of third-party responses
- Your interactions with third-party services
- Data handling by third-party services
13. Changes to Terms
We may modify these Terms at any time. Changes are effective immediately upon posting. Continued use of the Service after changes constitutes acceptance of new Terms.
14. Termination
14.1 Termination by You
- You may stop using the Service at any time
- Account deletion requests are processed within 30 days
14.2 Termination by Us
- We may terminate or suspend your account immediately if you violate these Terms
- Upon termination, your access to API keys and account data is revoked
- We may delete your data 30 days after account termination
15. Governing Law
These Terms are governed by the laws of the jurisdiction in which corsproxy.dev operates, without regard to its conflict of law principles.
16. Dispute Resolution
Any disputes shall first be addressed through good-faith negotiation. If unresolved, disputes shall be subject to binding arbitration under the rules of the American Arbitration Association.
17. Severability
If any provision of these Terms is found to be unenforceable, the remaining provisions shall continue in full force and effect.
18. Contact Us
For questions about these Terms, please contact us at:
- Email: legal@corsproxy.dev
- GitHub Issues: https://github.com/melihbirim/devproxy-v01/issues
Last Updated: May 18, 2026