Giter Club home page Giter Club logo

corsa's Introduction

Corsa

Corsa proxies HTTP requests, adds CORS headers and can also serve your static web application.

Features:

  • proxy requests for /proxy/http://host/path to http://host/path
  • set Access-Control-Allow-Origin headers
  • support for CORS preflight requests
  • support for GET, HEAD, POST, PUT, DELETE, OPTIONS
  • serve static content from /app/ (--app-dir)
  • limit proxy hosts (--allow-proxy)
  • limit origin (--allow-origin)

Corsa is powered by Python and Tornado and is licensed under the MIT license.

Example

You have a static web app in ./mywebapp that loads images from http://imagesource.example and stores them in a local CouchDB? Due to the cross-domain restrictions of all modern browsers, you won't be able to access the image data and you won't be able to access the CouchDB. Cross-origin resource sharing (CORS) is a mechanism to work around that and Corsa will set the appropriate CORS headers for you.

Start Corsa:

% corsa --app-dir ./mywebapp --allow-proxy http://imagesource.example,http://localhost:5984

Configure your web app to use /proxy/http://imagesource.example as the image source and /proxy/http://localhost:5984 as your CouchDB URL and go to http://localhost:8888/app/index.html.

If you application is allready running at http://localhost:8080:

% corsa --allow-proxy http://imagesource.example,http://localhost:5984 --allow-origin http://localhost:8080

Options

To proxy specific URLs:

% corsa --allow-proxy http://httpbin.org --allow-origin ALL

% curl http://localhost:8888/proxy/http://httpbin.org/get -D -
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
[...]

You can restrict proxying to specific origins. Origin should be the host where your requests to Corsa comes from.

% corsa --allow-proxy http://httpbin.org --allow-origin http://myexample

% curl http://localhost:8888/proxy/http://httpbin.org/get -H 'Origin: http://myexample' -D -
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://myexample
[...]

% curl http://localhost:8888/proxy/http://httpbin.org/get -H 'Origin: http://otherdomain' -D -
HTTP/1.1 403 Forbidden
[...]

You can also host a static web app with Corsa:

% mkdir app
% echo 'hello' >> app/index.html
% corsa --app-dir app

% curl http://localhost:8888/app/index.html -D -
HTTP/1.1 200 OK
Content-Length: 6
[...]
Content-Type: text/html

hello

--allow-origin defaults to SELF which is an alias for the URL of the Corsa server. This way your web app is able to make requests to all --allow-proxy hosts by default.

You can permit all origins and proxy hosts with the ALL alias:

% corsa --allow-proxy ALL --allow-origin ALL

% curl http://localhost:8888/proxy/https://github.com/ -D -
HTTP/1.1 200 OK
[...]

Corsa listens to http://localhost:8888 by default, but you can change that with the --bind option:

% corsa --bind :9999
% corsa --bind 0.0.0.0
% corsa --bind 0.0.0.0:9090

Installation

Corsa is written in Python and requires Tornado. It was tested with Python 2.7/3.3 and Tornado 3.1.

Corsa is hosted on pypi so you can install it with:

pip install corsa

corsa's People

Contributors

olt avatar

Stargazers

avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

derflocki swamig bryder cancan101 mattbornski l-j

corsa's Issues

Bad Gateway error, trying to proxy mjpeg

I'm try to add CORS headers to a UV4L video stream.

Corsa is being run with:
corsa --allow-proxy ALL --allow-origin ALL --bind 0.0.0.0:9999

I can get to the U4VL admin page, via the proxy ok:

http://raspberrypi.local:9999/proxy/http://raspberrypi.local:8080/

But clicking on the MJPG icon (which works when not proxied) results in this error eventually (30+ seconds) appearing In Chrome:

stream/video.mjpeg:1 GET http://tiny4wd.local:9999/proxy/http://tiny4wd.local:8080/stream/video.mjpeg 502 (Bad Gateway)

Is this project still maintained?

Proxy requests with url containing %20 return 400 Bad Request

I'm using corsa to proxy a Jenkins server. We have jobs with spaces in the name.

When I try the following:
curl 'http://localhost:8888/proxy/http://jenkins:8080/job/Test%20Job/api/json?pretty=true' -D -

I get:

HTTP/1.1 400 Bad Request
Date: Wed, 20 Aug 2014 14:37:04 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Server: Jetty(8.y.z-SNAPSHOT)

Other jobs (without space in the name) work fine.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.