Notes on Reverse Proxy
Aus Weis nix
Inhaltsverzeichnis |
Rationale
A reverse proxy can be used to route XMLRequest calls from the a webpage originating from the remote webserver to a local webserver. This is required, since XMLRequest security restrictions prevent cross-domain access. This simulates to the browser that a request (coming from a remote domain) really comes from the local domain serving the webpage.
References
- Wikipedia: Reverse Proxy - general information and further links.
- mod_proxy Installation Notes
- A Reverse Proxy Is A Proxy By Any Other Name - Paper that covers the concept of a Reverse Proxy by defining what it is and how it differs from a forward proxy.
Implementations
- ISAPI_Reqwrite - IIS reverse proxy plugin, US$70
- mod_proxy - apache reverse proxy plugin, free+fast - why use anything else?
- Charles Web Debugging Proxy - Java/J2EE proxy application, US$400 (site lic.)
- Apache::ReverseProxy - an Apache mod_perl reverse proxy
Notes on Security with XMLRequest
Lifted from Apple Developer Connection
When the XMLHttpRequest object operates within a browser, it adopts the same-domain security policies of typical JavaScript activity (sharing the same "sandbox," as it were).
First, on most browsers supporting this functionality, the page that bears scripts accessing the object needs to be retrieved via http: protocol, meaning that you won't be able to test the pages from a local hard disk (file: protocol) without some extra security issues cropping up, especially in Mozilla and IE on Windows.
Second, the domain of the URL request destination must be the same as the one that serves up the page containing the script. This means, unfortunately, that client-side scripts cannot fetch web service data from other sources, and blend that data into a page. Everything must come from the same domain.
Apache Reverse-Proxy Configuration
General Setup
To enable Reverse Proxy functionality in Apache, the httpd.conf file should be edited in order to enable the following modules : proxy_module (mod_proxy.so) and proxy_http_module (mod_proxy_http.so)
#
# Apache modules sample config for reverse proxy.
#
...
LoadModule proxy_module modules/mod_proxy.so
...
LoadModule proxy_http_module modules/mod_proxy_http.so
...
Once the Apache reverse proxy is enabled, the reverse proxy rules web application.
# # Reverse proxy rules for Apache 2.x servers : # # Add a pair of entries for each web area you want to proxy, # ProxyPass /proxied/ http://www.sample.com/ ProxyPassReverse /proxied/ http://www.sample.com/
Variables Associated with a Proxy
The following variables could be found in the HTTP header when proxy requests are made:
@proxy = ( 'HTTP_VIA', 'HTTP_X_FORWARDED_FOR', 'VIA', 'HTTP_FORWARDED', 'FORWARDED', 'HTTP_X_BLUECOAT_VIA', 'HTTP_PROXY____', 'HTTP_PROXY___________', 'HTTP_PROXY_CONNECTION', 'HTTP_X_HOST', 'HTTP_X_REFERER', 'HTTP_X_SERVER_HOSTNAME', 'PROXY_HOST', 'PROXY_PORT', 'PROXY_REQUEST', 'HTTP_CLIENT_IP', 'HTTP_PRAGMA' );
