Skip to main content

What is Cordon?

Cordon is a local Rust proxy that transparently intercepts outbound HTTP/HTTPS requests and injects API credentials from a secret store — 1Password or your OS keychain. Your applications never hold real secrets. They just make normal HTTP calls through the proxy.

No secrets in env vars

Env vars leak into logs, crash dumps, child processes, and ps output. Cordon injects credentials at the network layer instead.

No code changes

Set HTTPS_PROXY and your existing HTTP client works. No SDK wrappers, no secret-fetching boilerplate.

Easy credential rotation

Rotate a secret in your secret store and restart the proxy. Your applications don’t change or restart.

Team-wide consistency

One cordon.yaml in the repo. Everyone uses the same credential paths. No per-developer .env files.

Why not env vars?

Environment variables are the most common way to pass secrets to applications, but they have significant drawbacks:
  1. Leak surface — env vars appear in /proc/<pid>/environ, ps eww, crash dumps, error reporters, and CI logs
  2. Inheritance — child processes inherit all env vars. A subprocess you didn’t write now has your API keys
  3. No audit trail — there’s no record of when an env var was read or by whom
  4. Rotation friction — changing a secret requires restarting all processes that use it
Cordon eliminates these issues by keeping secrets out of the process entirely. Your application sees HTTPS_PROXY=http://127.0.0.1:6790 — a non-secret configuration value.

How it works

┌─────────────┐       ┌─────────────────────────────┐       ┌──────────┐
│  Your App   │──────▶│          cordon              │──────▶│ Upstream │
│             │ HTTP  │  ┌─────────┐ ┌───────────┐  │ HTTPS │  API     │
│ HTTPS_PROXY │ PROXY │  │ Router  │ │Interceptor│  │       │          │
│ =127.0.0.1  │       │  └────┬────┘ └─────┬─────┘  │       │          │
│  :6790      │       │       │    inject   │        │       │          │
└─────────────┘       │  ┌────▼─────────────▼────┐  │       └──────────┘
                      │  │   TLS MITM / Forward  │  │
                      │  └───────────────────────┘  │
                      │  ┌───────────────────────┐  │
                      │  │    Secret Sources     │  │
                      │  │  1Password · Keyring  │  │
                      │  └───────────────────────┘  │
                      └─────────────────────────────┘
  1. Your app sends requests through the proxy via HTTPS_PROXY
  2. Cordon matches the destination host against configured routes
  3. For matched routes, it strips any existing auth header and injects the real credential
  4. The request is forwarded to the upstream API with the injected credentials

Installation

Install cordon via npm or from source

Quickstart

Get up and running in 5 minutes