CORS proxy and web server for static apps
Project description
Corsa proxies HTTP requests, adds CORS headers and can also serve your static web application.
Features:
proxy requests for /proxy/http://host/path to http://host/path
set Access-Control-Allow-Origin headers
support for CORS preflight requests
support for GET, HEAD, POST, PUT, DELETE, OPTIONS
serve static content from /app/ (--app-dir)
limit proxy hosts (--allow-proxy)
limit origin (--allow-origin)
Corsa is powered by Python and Tornado and is licensed under the MIT license.
Example
You have a static web app in ./mywebapp that loads images from http://imagesource.example and stores them in a local CouchDB? Due to the cross-domain restrictions of all modern browsers, you won’t be able to access the image data and you won’t be able to access the CouchDB. Cross-origin resource sharing (CORS) is a mechanism to work around that and Corsa will set the appropriate CORS headers for you.
Start Corsa:
% corsa --app-dir ./mywebapp --allow-proxy http://imagesource.example,http://localhost:5984
Configure your web app to use /proxy/http://imagesource.example as the image source and /proxy/http://localhost:5984 as your CouchDB URL and go to http://localhost:8888/app/index.html.
If you application is allready running at http://localhost:8080:
% corsa --allow-proxy http://imagesource.example,http://localhost:5984 --allow-origin http://localhost:8080
Options
To proxy specific URLs:
% corsa --allow-proxy http://httpbin.org --allow-origin ALL % curl http://localhost:8888/proxy/http://httpbin.org/get -D - HTTP/1.1 200 OK Access-Control-Allow-Origin: * [...]
You can restrict proxying to specific origins. Origin should be the host where your requests to Corsa comes from.
% corsa --allow-proxy http://httpbin.org --allow-origin http://myexample % curl http://localhost:8888/proxy/http://httpbin.org/get -H 'Origin: http://myexample' -D - HTTP/1.1 200 OK Access-Control-Allow-Origin: http://myexample [...] % curl http://localhost:8888/proxy/http://httpbin.org/get -H 'Origin: http://otherdomain' -D - HTTP/1.1 403 Forbidden [...]
You can also host a static web app with Corsa:
% mkdir app % echo 'hello' >> app/index.html % corsa --app-dir app % curl http://localhost:8888/app/index.html -D - HTTP/1.1 200 OK Content-Length: 6 [...] Content-Type: text/html hello
--allow-origin defaults to SELF which is an alias for the URL of the Corsa server. This way your web app is able to make requests to all --allow-proxy hosts by default.
You can permit all origins and proxy hosts with the ALL alias:
% corsa --allow-proxy ALL --allow-origin ALL % curl http://localhost:8888/proxy/https://github.com/ -D - HTTP/1.1 200 OK [...]
Corsa listens to http://localhost:8888 by default, but you can change that with the --bind option:
% corsa --bind :9999 % corsa --bind 0.0.0.0 % corsa --bind 0.0.0.0:9090
Installation
Corsa is written in Python and requires Tornado. It was tested with Python 2.7/3.3 and Tornado 3.1.
Corsa is hosted on pypi so you can install it with:
pip install corsa
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file corsa-0.1.2.tar.gz.
File metadata
- Download URL: corsa-0.1.2.tar.gz
- Upload date:
- Size: 4.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 15f86dc5839c780647ea7f7fabcc90a4973c61b71e3d1d85276f30e35e3fdd49 |
|
| MD5 | de4da35958e9e9048eec6b2849573bf3 |
|
| BLAKE2b-256 | c0a308e54876ed5d84f733aa2abab345e8f81ac5a6f634931fede82a25f5e9e4 |
