Web Development
Reader small image

You're reading from  CORS Essentials

Product typeBook
Published inMay 2017
Reading LevelIntermediate
Publisher
ISBN-139781784393779
Edition1st Edition
Languages
JavaScript
Tools
Visual Studio
Concepts
Front End Web Development
Right arrow
Author (1)
Rajesh Gunasundaram
Rajesh Gunasundaram
author image
Rajesh Gunasundaram

Rajesh Gunasundaram is a software architect, technical writer and blogger. He has over 15 years of experience in the IT industry, with more than 12 years using Microsoft .NET, 2 years of BizTalk Server and a year of iOS application development. Rajesh is a founder and editor of technical blogs programmerguide and ioscorner and you can find many of his technical writings on .Net and iOS. He is also the founder and developer of VideoLens, a platform that analyses videos uploaded in Facebook pages and YouTube channels. Rajesh has also written four other books for Packt publishing. Rajesh worked on client premises located at various countries such as UK, Belarus and Norway. He also has experience in developing mobile applications for iPhone and iPad. His technical strengths include Azure, Xamarin, ASP.NET MVC, Web API, WCF, .Net Framework / .Net Core, C#, Objective-C, Angular, Bot Framework, BizTalk, SQL Server, REST, SOA, Design Patterns and Software Architecture. Rajesh is an early adopter of Angular since AngularJS. He has developed Rich interfaces using Angular, Bootstrap, HTML5 and CSS3. He has good experience in translation of designer mock-ups and wireframes into an AngularJS front-end. Good at unit testing Angular applications with Karma. Expertise in handling RESTful services in Angular. Supporting various web products developed using AngularJS and Angular.
Read more about Rajesh Gunasundaram

Right arrow

Chapter 2. Creating Proxies for CORS

A proxy generally acts as an agent or an intermediary for a client that requests for a resource from a server. In this chapter, we will learn about the following:

  • What is a proxy server?

  • Reasons to use a proxy server

  • Types of proxy server: forward and reverse proxies

  • Reverse proxy in node.js with CORS anywhere

Proxies and the World Wide Web

Generally speaking, a proxy is someone or something that has the authority to represent some other person or thing; for example, a proxy may be authorized to vote on behalf of another person.

The World Wide Web is composed of individual machines communicating with each other. A web proxy acts as an intermediary with the authority to communicate with a third-party server on behalf of a server contacting the proxy server. Modern web applications are often distributed across many servers, and proxies can tie them together.

What is a proxy server?

A proxy server handles requests from clients asking for resources from another server. The requests may be for resources, such as files, web pages, or other resources from different servers. If the request is validated, the proxy server retrieves the resource and sends it to the requesting client. There are many types of proxy; they share the common purpose of acting as intermediaries to facilitate requests between clients and target servers.

Note

Proxy servers are defined by the Internet Engineering Task Force (IETF) at

.

Proxy server connections are specified by the W3C at

.

People who work for large organizations are probably familiar with the process of configuring their web browser, or other desktop applications that require Internet access to connect through a proxy. The proxy provides them with access to the Internet, while the network firewall protects the devices inside their network from intrusions.

Note

A proxy server may eliminate the need for CORS in your application...

Reasons to use a proxy

There are several reasons why you should place a proxy between your local domain and the target domain, which are as follows:

Avoid mixing up protocols

If your local domain application is served over SSL with HTTPS and you request a resource that is not served via SSL, the user may get a warning in the browser about mixing secure and non-secure content. Since the request to a proxy can also be made over SSL, there is no mixed content and the user sees no warning.

Some API platforms require proxies or CORS

An API hosted on a domain different from the local domain, a cloud-hosted API, or an Enterprise Service Bus (ESB) may require that cross-domain requests pass through a proxy or be handled by CORS. Apigee Edge, Mulesoft, and Google App Engine are platforms that require a proxy, or CORS, to pass requests. We will review solutions for specific platforms and applications in later chapters.

Getting through a local network firewall

In the same way that you may have to set up...

Creating a proxy server with Google App Engine

Google App Engine is an easy way to set up a proxy server for testing code and learning how to use a proxy.

Tip

If you use a public proxy server such as Google App Engine, then your data will not be private. A public proxy is suitable for testing, but you will need to use a secure proxy server that you own for production applications.

Create a New Application with Google App Engine:

There are detailed instructions at , including how to add authentication, because the proxy server will be publicly accessible. Even with added authentication, this proxy server is not sufficiently secure for a production application!

Reverse proxy server

A simple proxy server is known as a forward proxy, which retrieves a resource from another server and sends it to the original client making the request.

A reverse proxy server also retrieves resources on behalf of a client and returns them to the client as if they come from the proxy server itself, not from their actual...

Summary

Short and sweet, isn't it? We learned about proxy servers handling requests from our applications and forwarding the resource back to our application. We also saw scenarios such as avoiding mixing protocols, getting through local network firewalls, and API platforms that require proxies.

We also learned about forward proxy and reverse proxy. We walkedthrough the code that creates a reverse proxy server in Apache. Then we learned about using CORS anywhere to create a reverse proxy in node.js.

In the next chapter, we will learn about usability and security. We will learn ways to make sure that CORS can be used, including preflight. We saw that CORS itself does not provide much security, so we will look at how to secure your CORS application.

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 8 of 15
Next Chapter
You have been reading a chapter from
CORS Essentials
Published in: May 2017Publisher: ISBN-13: 9781784393779
© 2017 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Author (1)

author image
Rajesh Gunasundaram

Rajesh Gunasundaram is a software architect, technical writer and blogger. He has over 15 years of experience in the IT industry, with more than 12 years using Microsoft .NET, 2 years of BizTalk Server and a year of iOS application development. Rajesh is a founder and editor of technical blogs programmerguide and ioscorner and you can find many of his technical writings on .Net and iOS. He is also the founder and developer of VideoLens, a platform that analyses videos uploaded in Facebook pages and YouTube channels. Rajesh has also written four other books for Packt publishing. Rajesh worked on client premises located at various countries such as UK, Belarus and Norway. He also has experience in developing mobile applications for iPhone and iPad. His technical strengths include Azure, Xamarin, ASP.NET MVC, Web API, WCF, .Net Framework / .Net Core, C#, Objective-C, Angular, Bot Framework, BizTalk, SQL Server, REST, SOA, Design Patterns and Software Architecture. Rajesh is an early adopter of Angular since AngularJS. He has developed Rich interfaces using Angular, Bootstrap, HTML5 and CSS3. He has good experience in translation of designer mock-ups and wireframes into an AngularJS front-end. Good at unit testing Angular applications with Karma. Expertise in handling RESTful services in Angular. Supporting various web products developed using AngularJS and Angular.
Read more about Rajesh Gunasundaram

Personalised recommendations for you

Based on your interests and search pattern

Modernizing Drupal 10 Theme Development

Modernizing Drupal 10 Theme Development

Modernizing Drupal 10 Theme Development covers everything a frontend developer or a Drupal developer needs to know about the Drupal 10 theme layer. Using real-world examples, this book will help you to build up from an empty theme to a fast, responsive, maintainable, and accessible Drupal website in both monolithic and decoupled ways.

BookAug 2023360 pages4
Full Stack Development with Spring Boot 3 and React

Full Stack Development with Spring Boot 3 and React

Full Stack Development with Spring Boot 3 and React contains a wealth of practical guidance for picking up full stack development. The step-by-step exploration of everything from dependency injection, ORM with Hibernate, and JWTs to RESTful APIs, UI styling, and TypeScript will help you to develop the Spring Boot and React skills you need.

BookOct 2023454 pages5
Modern API Development with Spring 6 and Spring Boot 3

Modern API Development with Spring 6 and Spring Boot 3

This practical guide teaches inexperienced Java programmers and web developers how to design, develop, test, and deploy highly scalable and maintainable APIs using REST, gRPC, GraphQL, and reactive programming paradigms with Java and Spring Boot. Complete with real-world examples, it will guide you to build enterprise-level APIs and services.

BookSep 2023494 pages1
Hands-On Web Scraping with Python

Hands-On Web Scraping with Python

This book guides you to discover and extract quality data from the web using Python libraries such as requests, lxml, pyquery, scrapy, and to use effective scraping techniques. It’ll help you master the fundamentals and advanced concepts of web scraping and apply your skills to real-world data extraction tasks, with analysis and visualization.

BookOct 2023324 pages
Mastering Blazor WebAssembly

Mastering Blazor WebAssembly

Mastering Blazor WebAssembly is a comprehensive, practical guide that’ll help you to develop advanced web applications. By combining real-world experience with the thorough knowledge needed to build Blazor apps in a masterful fashion, this book enables you to efficiently manage cross-platform mobile development with .NET MAUI and Blazor.

BookAug 2023370 pages4
Mastering Blazor WebAssembly

Mastering Blazor WebAssembly

Mastering Blazor WebAssembly is a comprehensive, practical guide that’ll help you to develop advanced web applications. By combining real-world experience with the thorough knowledge needed to build Blazor apps in a masterful fashion, this book enables you to efficiently manage cross-platform mobile development with .NET MAUI and Blazor.

BookAug 2023370 pages3
Full Stack Web Development with Remix

Full Stack Web Development with Remix

Unlock the power of the web platform and cutting-edge technologies for your React applications using Remix to take advantage of the full stack to create a great user experience. This book is a complete resource covering the conventions, levers, and primitives of Remix and illustrates concepts through a real-world project.

BookNov 2023318 pages
Real-World Svelte

Real-World Svelte

This book is a must-have guide to unlocking Svelte's true potential. You’ll learn about advanced component development, efficient coding, and powerful UI patterns using actions. With a focus on state management, custom stores, and renderless components, this book equips you to build exceptional web apps with lightning-fast performance.

BookDec 2023282 pages3
Building Micro Frontends with React 18

Building Micro Frontends with React 18

This book is a step-by-step guide to building production-grade, highly scalable, and performant web apps using multi-SPA and micro apps patterns, where you’ll learn to deal with complexities related to micro frontends. The book is a full life cycle guide to building, deploying, and managing micro frontends in a cloud-native environment.

BookOct 2023218 pages
Drupal 10 Masterclass

Drupal 10 Masterclass

This all-in-one guide helps you get up and running with building Drupal applications using the latest Drupal 10 features. You’ll develop a complete practical understanding of Drupal frontend, backend, architecture, content management, themes, and modules to deliver a rich user experience by creating custom Drupal apps.

BookDec 2023310 pages
Full-Stack Flask and React

Full-Stack Flask and React

This book teaches you how to build simple yet efficient production-ready web applications. Starting with an introduction to React, this book will equip you with deeper knowledge of Flask and React technology stacks to undertake web application development with confidence.

BookOct 2023408 pages5
Full-Stack Flask and React

Full-Stack Flask and React

This book teaches you how to build simple yet efficient production-ready web applications. Starting with an introduction to React, this book will equip you with deeper knowledge of Flask and React technology stacks to undertake web application development with confidence.

BookOct 2023408 pages2