Notes on Reverse Proxy

Aus Weis nix
Wechseln zu: Navigation, Suche

Rationale

A reverse proxy can be used to route XMLRequest calls from the a webpage originating from the remote webserver to a local webserver. This is required, since XMLRequest security restrictions prevent cross-domain access. This simulates to the browser that a request (coming from a remote domain) really comes from the local domain serving the webpage.

References

Implementations

Notes on Security with XMLRequest

Lifted from Apple Developer Connection

When the XMLHttpRequest object operates within a browser, it adopts the same-domain security policies of typical JavaScript activity (sharing the same "sandbox," as it were).

First, on most browsers supporting this functionality, the page that bears scripts accessing the object needs to be retrieved via http: protocol, meaning that you won't be able to test the pages from a local hard disk (file: protocol) without some extra security issues cropping up, especially in Mozilla and IE on Windows.

Second, the domain of the URL request destination must be the same as the one that serves up the page containing the script. This means, unfortunately, that client-side scripts cannot fetch web service data from other sources, and blend that data into a page. Everything must come from the same domain.

Apache Reverse-Proxy Configuration

General Setup

To enable Reverse Proxy functionality in Apache, the httpd.conf file should be edited in order to enable the following modules : proxy_module (mod_proxy.so) and proxy_http_module (mod_proxy_http.so)

#
# Apache modules sample config for reverse proxy.
#
...
LoadModule proxy_module modules/mod_proxy.so
...
LoadModule proxy_http_module modules/mod_proxy_http.so
...
                   

Once the Apache reverse proxy is enabled, the reverse proxy rules web application.

#
# Reverse proxy rules for Apache 2.x servers :
#
# Add a pair of entries for each web area you want to proxy,
#
ProxyPass          /proxied/        http://www.sample.com/
ProxyPassReverse   /proxied/        http://www.sample.com/

Variables Associated with a Proxy

The following variables could be found in the HTTP header when proxy requests are made:

@proxy = (
 'HTTP_VIA',
 'HTTP_X_FORWARDED_FOR',
 'VIA',
 'HTTP_FORWARDED',
 'FORWARDED',
 'HTTP_X_BLUECOAT_VIA',
 'HTTP_PROXY____',
 'HTTP_PROXY___________',
 'HTTP_PROXY_CONNECTION',
 'HTTP_X_HOST',
 'HTTP_X_REFERER',
 'HTTP_X_SERVER_HOSTNAME',
 'PROXY_HOST',
 'PROXY_PORT',
 'PROXY_REQUEST',
 'HTTP_CLIENT_IP',
 'HTTP_PRAGMA'
);