that's kind of the point. CORS just tells the browser to block the response, so this proxies the request and simply changes the headers to avoid that restriction.