cyberethicc/OnionViewer — reverse-engineered prompt

Build me a simple local web app called OnionViewer for cybersecurity research. I want to open it in my normal browser, paste a .onion URL, and have the app fetch the site through my local Tor connection instead of exposing anything directly.

Use Node.js with an Express server. It should try Tor on localhost ports 9050 and 9150, use SOCKS5h so DNS stays inside Tor, and show a clear error if Tor is not running. When a page loads, rewrite links, images, scripts, styles, and form actions so clicking around keeps everything inside the local proxy. Support normal browsing with GET requests and basic form submits with POST.

Make the front page feel like a clean research dashboard with a URL box, status messages, and simple safety notes. Add secure headers where appropriate, avoid leaking the original onion URL in the browser, and make it easy to run with npm install and npm start. Look up current docs online if needed.