This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

CORS proxy and web server for static apps

Project Description

Corsa proxies HTTP requests, adds CORS headers and can also serve your static web application.

Features:

  • proxy requests for /proxy/http://host/path to http://host/path
  • set Access-Control-Allow-Origin headers
  • support for CORS preflight requests
  • support for GET, HEAD, POST, PUT, DELETE, OPTIONS
  • serve static content from /app/ (--app-dir)
  • limit proxy hosts (--allow-proxy)
  • limit origin (--allow-origin)

Corsa is powered by Python and Tornado and is licensed under the MIT license.

Example

You have a static web app in ./mywebapp that loads images from http://imagesource.example and stores them in a local CouchDB? Due to the cross-domain restrictions of all modern browsers, you won’t be able to access the image data and you won’t be able to access the CouchDB. Cross-origin resource sharing (CORS) is a mechanism to work around that and Corsa will set the appropriate CORS headers for you.

Start Corsa:

% corsa --app-dir ./mywebapp --allow-proxy http://imagesource.example,http://localhost:5984

Configure your web app to use /proxy/http://imagesource.example as the image source and /proxy/http://localhost:5984 as your CouchDB URL and go to http://localhost:8888/app/index.html.

If you application is allready running at http://localhost:8080:

% corsa --allow-proxy http://imagesource.example,http://localhost:5984 --allow-origin http://localhost:8080

Options

To proxy specific URLs:

% corsa --allow-proxy http://httpbin.org --allow-origin ALL

% curl http://localhost:8888/proxy/http://httpbin.org/get -D -
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
[...]

You can restrict proxying to specific origins. Origin should be the host where your requests to Corsa comes from.

% corsa --allow-proxy http://httpbin.org --allow-origin http://myexample

% curl http://localhost:8888/proxy/http://httpbin.org/get -H 'Origin: http://myexample' -D -
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://myexample
[...]

% curl http://localhost:8888/proxy/http://httpbin.org/get -H 'Origin: http://otherdomain' -D -
HTTP/1.1 403 Forbidden
[...]

You can also host a static web app with Corsa:

% mkdir app
% echo 'hello' >> app/index.html
% corsa --app-dir app

% curl http://localhost:8888/app/index.html -D -
HTTP/1.1 200 OK
Content-Length: 6
[...]
Content-Type: text/html

hello

--allow-origin defaults to SELF which is an alias for the URL of the Corsa server. This way your web app is able to make requests to all --allow-proxy hosts by default.

You can permit all origins and proxy hosts with the ALL alias:

% corsa --allow-proxy ALL --allow-origin ALL

% curl http://localhost:8888/proxy/https://github.com/ -D -
HTTP/1.1 200 OK
[...]

Corsa listens to http://localhost:8888 by default, but you can change that with the --bind option:

% corsa --bind :9999
% corsa --bind 0.0.0.0
% corsa --bind 0.0.0.0:9090

Installation

Corsa is written in Python and requires Tornado. It was tested with Python 2.7/3.3 and Tornado 3.1.

Corsa is hosted on pypi so you can install it with:

pip install corsa
Release History

Release History

This version
History Node

0.1.2

History Node

0.1.1

History Node

0.1.0

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
corsa-0.1.2.tar.gz (4.4 kB) Copy SHA256 Checksum SHA256 Source Sep 12, 2013

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting