3

I'm trying to figure out what is the "proper" way to make HTTP requests programatically from web application code when you don't know if you are or are not running behind reverse proxy (e.g. HTTPD).

  • Web application runs on root "/" context on web server
  • Proxy runs with context "/proxy" that proxies this that web server

Accessing index.html from browser should be requested via /proxy/index.html. But what if there is some code in the web application (e.g. myscript.js) that sends HTTP request programatically (e.g. xhr.open("???/resource").

And here comes the problem because the code sends this HTTP request to /resource instead of sending it to /proxy/resource.

In other words, the code of web application (that runs in the browser) does not know if there is any or there isn't a proxy. Keep in mind that application can run behind proxy but there may not be any proxy at all. I have in mind 3 solutions:

1) Web application resolves context (e.g. /proxy) automatically by parsing it from the current window.location.path and send xhr according to it

2) Enhance web application to require some additional configuration of proxy from user and it appends the context if it is set

3) Configure proxy somehow to also resend non-proxy like URLs to web server 1:1 (e.g. /proxy -> webserver/, / -> webserver/)

Which one is "the proper" one or there are any other options?

zdenda.online
  • 2,451
  • 3
  • 23
  • 45

1 Answers1

0

Backend web applications should not be aware if there is proxy or not above or before them. They should ideally live in their own context path, eg. /application/ and if they need to send redirects do so without using hostnames or url schemes in it, just URL-Path /application/*

Then ideally you can do easy reverse proxy directives according to your number 3 scenario:

ProxyPass /XXX/ http://backend/application/
ProxyPassReverse /XXX/ http://backend/application/
Daniel Ferradal
  • 2,727
  • 1
  • 13
  • 19
  • I agree that they should not be aware of it. So you suggest writing xhr.open("/application")? Does it work without hostname and scheme? Will it work if application lives in root context? – zdenda.online Jun 15 '17 at 11:52
  • Btw it is not about redirects but about requesting some data (e.g. from HTTP API). Even if sending without hostname and scheme: e.g. xhr.open("/application") will not work I think (because it is missing /XXX (so it won't reach proxy). – zdenda.online Jun 15 '17 at 11:58
  • either I'm not understanding you or you are not understanding me, your application is "behind" a reverse proxy, that assumes a client makes a requests, goes through the reverse proxy and the reverse proxy passes it onto your application, all your application should respond with is url-path only, hostnames or url scheme unless are made to external redirections for somewhere else, should never be included. Reverse proxy will handle the scheme and hostname used by the client and preserve it when appropiate with the config provided. – Daniel Ferradal Jun 15 '17 at 15:18
  • 1
    Yep, as you said we are not understanding ourselves :-) The case you described is ok. I mean the case when part of my application is loaded into browser (client) and needs to query the same application's backend (server). The client's part of application (in browser) is for example JS code that does HTTP requests (programatically from code). So technically this client application is "ahead" proxy and needs to request server (behind the proxy) using URLs containing proxy's context. – zdenda.online Jun 15 '17 at 18:43
  • then I guess for me the logical thing would be add specific directives for those pasths, or not using a reverse proxy at all then. – Daniel Ferradal Jun 16 '17 at 20:41
  • Reverse proxy is a requirement so we don't have option to go without it. What do you mean by adding specific directives? – zdenda.online Jun 19 '17 at 05:26
  • @d1x I was refering to your comment "needs to request server (behind the proxy) using URLs containing proxy's context" add the necessary url-path for those context to be answered by the reverse proxy, or fix the application. – Daniel Ferradal Jun 19 '17 at 11:47
  • @erza-s Thanks for your thoughts. As there are no other answers and your comments answer the question I think. If have some time, feel free to answer my similar HTTP-related question :-) https://stackoverflow.com/questions/61429542/http-x-forwarded-host-behavior-without-port – zdenda.online Apr 25 '20 at 18:14