backend_tips.md

• Backend tips
  • Test whether your server supoort CORS
    • Normal HTTP server
    • Socket.io Server
    • Socket.io Adapter
  • check whether server enable 'keepalive' feature
  • self signed cert
  • Redeem
  • golang forward request
  • Platform nodejs code to browser

Backend tips

Test whether your server supoort CORS

Normal HTTP server

Sending a regular CORS request using cUrl:

curl -H "Origin: http://example.com" --head -v <your_request_url>

The response should include the Access-Control-Allow-Origin header.

< Access-Control-Allow-Origin: *
Access-Control-Allow-Origin: *

Sending a preflight request using cUrl:

curl -H "Origin: http://example.com" \
  -H "Access-Control-Request-Method: POST" \
  -H "Access-Control-Request-Headers: X-Requested-With" \
  -X OPTIONS -v \
  <your_request_url>

If the preflight request is successful, the response should include the Access-Control-Allow-Origin, Access-Control-Allow-Methods, and Access-Control-Allow-Headers response headers.

< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
< Vary: Access-Control-Request-Headers
< Access-Control-Allow-Headers: X-Requested-With

Socket.io Server

append /socket.io/ to your request url

curl -H "Origin: http://example.com" \
  -H "Access-Control-Request-Method: POST" \
  -H "Access-Control-Request-Headers: X-Requested-With" \
  -X OPTIONS -v \
  http://localhost:8000/socket.io/

* Mark bundle as not supporting multiuse
< HTTP/1.1 204 No Content
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
< Vary: Access-Control-Request-Headers
< Access-Control-Allow-Headers: X-Requested-With

Socket.io Adapter

• method also works within a cluster of multiple Socket.IO servers.

  1. server.disconnectSockets([close])
  2. server.fetchSockets()
  3. server.socketsJoin(rooms)
  4. server.socketsLeave(rooms)

• "server" means io or io.of("/") or io.in("room1")

• if you only want to affect the socket instances on the given node, you need to use the local flag:

• Emitter

  • The Redis emitter allows sending packets to the connected clients from another Node.js process:

check whether server enable 'keepalive' feature

curl  -I  <url>

check reponse header

self signed cert

# copy and run in you terminal

case `uname -s` in
    (Linux*)     sslConfig=/etc/ssl/openssl.cnf;;
    (Darwin*)    sslConfig=/System/Library/OpenSSL/openssl.cnf;;
esac

ipaddr=`ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1'`

openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -keyout server.key \
    -new \
    -out server.pem \
    -subj /CN=$ipaddr \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat $sslConfig \
        <(printf '[SAN]\nsubjectAltName=DNS:localhost')) \
    -sha256 \
    -days 3650

Trust it in KeyChain Access, this cert is named your ipi

More simplier:

go run $GOROOT/src/crypto/tls/generate_cert.go --host golangtc.com

for homebrew go, replace GOROOT is /usr/local/opt/go/libexec

Redeem

redeem

golang forward request

// Serve a reverse proxy for a given url
func serveReverseProxy(target string, res http.ResponseWriter, req *http.Request) {
    // parse the url
    url, _ := url.Parse(target)

    // create the reverse proxy
    proxy := httputil.NewSingleHostReverseProxy(url)

    // Update the headers to allow for SSL redirection
    req.URL.Host = url.Host
    req.URL.Scheme = url.Scheme
    req.Header.Set("X-Forwarded-Host", req.Header.Get("Host"))
    req.Host = url.Host

    // Note that ServeHttp is non blocking and uses a go routine under the hood
    proxy.ServeHTTP(res, req)
}

Platform nodejs code to browser

https://browserify.org/#install

browserify node-app.js --standalone CustomLib  -o  bundle.js

How to use

<script src="bundle.js"></script>

{
    var foo = CustomLib.foo;
    ...
}