Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ading2210/sandstone/llms.txt

Use this file to discover all available pages before exploring further.

Sandstone is an experimental web proxy library that routes network traffic through libcurl.js and the Wisp protocol while rendering proxied pages inside a sandboxed iframe — no service worker required. Traditional proxies like Ultraviolet depend on a hosted, unblocked domain, which leads to a constant cycle of domains being discovered and blocked. Because Sandstone can run entirely from a local HTML file or a data: URL, it sidesteps that problem entirely. It also enforces a strict security boundary: the sandboxed iframe prevents any proxied page from accessing or tampering with your host page, which is something traditional proxies do not guarantee.
Sandstone is at a very early stage of development. Many web APIs are not yet implemented, and behaviour may change between versions. Do not rely on it in production environments.

Working features

The following APIs and browser behaviours work inside a proxied page today:
  • Fetch APIfetch() calls are intercepted and routed through libcurl.js
  • Basic JavaScript — inline and external scripts are rewritten and evaluated
  • localStorage — persisted per origin and synced back to the host page
  • Web workers — worker scripts are fetched and rewritten through the proxy
  • XMLHttpRequest — intercepted and routed through the same network layer as fetch()
  • Media elements<img>, <video>, <audio> and similar tags resolve their src through the proxy
  • CSS rewritingurl() references in stylesheets are rewritten to proxy URLs
  • Anchor tags — click events are intercepted and turned into navigate RPC calls
  • HTML redirects<meta http-equiv="refresh"> is handled during HTML rewriting
  • HTML formsGET and POST form submissions are intercepted and proxied

Notable unimplemented features

The following features are not yet supported:
  • CookiesSet-Cookie headers and document.cookie are not implemented
  • ES6 modules<script type="module"> and import statements are not rewritten
  • HTTP request caching — responses are not cached; every navigation re-fetches

Site support

Sandstone has been tested and confirmed to work on:
  • Discord — the login page works (captcha does not); works in v0.1.1 but not v0.2.0
  • Amazon
  • v86 — a full x86 emulator running in the browser
  • YouTube embeds
  • HTML5 games including Minecraft Classic and Slither.io
  • Most static sites

Explore the docs

Quickstart

Clone, build, and proxy your first URL in minutes.

How it works

Understand the sandboxed iframe model, RPC system, and JS rewriting pipeline.

Build docs developers (and LLMs) love

Get started for freeTalk to us