I have a C# server side web service. but I don't want user can to see my requests like request tab from client's browsers.
now, I haven't been find any solution on SO.
what is the best solution to do this?
I think I can use a node.js server-side and render my reactjs inside it and my node.js send my requests to C# server side. like this:
React.js<--(render)--Node.js--(Send/Receive api's)-->C#
I don't know if I use a node.js server, my requests will be hidden from clients?
I don't want to use reactjs.net.
If you're making a HTTP request to node server, and making the stealth request from NodeJS to another server, that request will not be visible to the client.
Alternatively, you can make an encrypted request. Although URL and some part of encryption algorithm will still be exposed at client's end.
Related
since I am learning node.js I was wondering about something:
When I use node.js server to run a websocket, so that clients can connect (like on a website via javascript), it always listens public. Isn't that a security problem, that everyone in the world would be able to send data to the ip:port. They just have to connect to the server via the data that are written anyway within javascript and send / receive data?
I was thinking about a token, which would make sense in Java or Swift etc, but in javascript it can be seen anyway?!
TL;DR: yes, It's totally secure.
Every time the browser sends an HTTP request, there is a port waiting for the server's response. The difference between this to an open port is that an open port is open for everyone on the web. In an HTTP request or web socket, the port opens only to the server.
As we know, if running application also manage sessions in main memory then is there any way for server to send responses to all web clients/browsers for new recorded data in a database.
Remember: I have not made any request to server or polling to server for new records update..
Let server make responses without web request..
Objective :
No all web browsers making request or polling to server for every certain interval therefore reducing the performance issue with the application memory..
Am just against of making so many ajax calls from every web client..
Need your ideas from your past, if experienced similar..
read about websockets and socket.io.
basically with socket.io you have a connection open between browser (client) and server and server can send data which the client than receives as an event.
the client doesn't need to send a request to get that data, only open the web socket connection.
you can look at socket.io chat example: http://socket.io/get-started/chat/
WebSocket is the best and easy solution if you don't want to go through the hassle to learn Angular or others.
Both server-side and client-side can build WebSocket, and it acts as a bridge to transmit data back and forth.
I just created an easy solution for this.
Please check my new library wsm - WebSocket Manager, it works for both server-side and client-side.
Websocket Server can be built easily; this library includes several useful features.
Could ajax be used on the client side javascript to function as an in-the-background web spider? You'll have to excuse the vagueness of this post because I really have no idea where to begin technically in terms of the code and there is nothing online about a program like this.
You can use a cors proxy type script in order to do these Ajax requests client side via javascript. Look on Github for 'cors proxy', and set that up in your Node.js environment, then pass all of your ajax calls client side through this proxy.
Yes its possible but with some restrictions, meant only to be done from a specially-configured browser, not for arbitrary users to just run:
For chrome, open it using the command-line parameter --disable-web-security.
now you can do cross domain and such.
I assume you just want it for using yourself as a server and not on a public web page.
You cannot make ajax requests to different hosts, so no.
I'm making connections via thrift (node-thrift) to a backend server to make api calls, but the communication is bidirectional (push/pull) to NodeJS.
While a user is browsing around different URLs, and Node is churning out jade templates and javascript files via Connect/Express routes, how do I maintain the connection to the backend server, and output (as an example) the connection status as part of the rendered jade output?
I have the connection object, but what do I do with it?
Sockets and port communication is generally a new area for me, so any help would be appreciated.
Keep in mind that backend server is not communicating to the web browser as the client, but rather the NodeJS server as the client.
(updated after discussion in comments)
So it looks like thrift is TCP-based which means the node client is going to keep the connection to your thrift API server open. This is entirely independent of what your node/express app server is doing with the browser clients. So if you keep a reference to your thrift client available to all requests, by attaching it to the app object for example, you should be able to determine it's current status and include that information in HTTP responses to the browser. There's not going to be any automatic coordination or association of any kind between your express app server handling browser HTTP requests and your thrift client making RPC calls to the API server. If you want coordination, you need to code that explicitly, but sending an HTTP response to a browser isn't going to automatically close your thrift TCP connection to the thrift RPC server (and same story vice versa).
This question is for my curiosity only:
Is it possible to make a HTTP request from a backend server to a web browser, that is to say I have a HTTP server ON the web browser to listen for incoming HTTP requests?
Cause I want to use frontend <-> couchdb directly thus dumping the backend server .. but then i wondered how i would do normal processing when the database javascript is not sufficient.
That thought made me think of this question.
Generally speaking — no.
There are some exceptions, Opera has a feature called "Unite" which allows it to run a web server (this is not turned on by default!) as well as acting as a user agent. That wouldn't allow you to send a response to a request that hadn't been made though.
Most web browsers don't have a web server and they are unable to accept HTTP requests. Maybe there is an extension for Firefox, but that's not a typical use case.
Depending on what you are trying to achieve, using Comet or long polling could work for you.