How Web Proxies Work: The Technology Behind /browse

What a web proxy actually does

When you browse through a web proxy, the browser never connects to the destination server. Instead:

• Your browser connects to the proxy server (KillNode's servers on Vercel).
• The proxy server fetches the destination URL on your behalf.
• The proxy rewrites the response and returns it to your browser.
• To your ISP, you are talking to the proxy host — the destination is invisible.

Why this bypasses local restrictions

ISP-level blocks and corporate firewalls operate by inspecting DNS lookups and TCP connections. When you use /browse:

• No DNS lookup for the destination is made from your machine — your browser only resolves killnode.vercel.app.
• No TCP connection to the destination leaves your machine — all connections originate from Vercel's servers.
• No SNI leakage — your TLS handshake is with killnode.vercel.app.

URL rewriting

HTML is full of relative and absolute URLs that would normally resolve against the destination domain. The proxy rewrites every URL in the response to route back through itself.

KillNode's proxy handles:

• HTML attributes: href, src, action, data, poster, srcset
• CSS: url() in <style> blocks and inline style= attributes
• Meta refresh redirects
• Dynamic requests via patched fetch / XMLHttpRequest

Limitations

• Login sessions: Cookies from the proxied site are scoped to killnode.vercel.app. Logging into third-party accounts does not work.
• JavaScript-heavy SPAs: Apps that fetch their own API endpoints may work partially.
• WebSockets: Not proxied.
• Strict CSP sites: Sites that restrict script sources may render incorrectly.

When to use it vs the desktop app

Use /browse for quick IP leak tests and bypassing blocked sites without installing anything.

Use the KillNode desktop app for full Tor integration, the neural killswitch, and routing your entire OS network stack through Tor.