superagent-d2l-cors-proxy

Plugin for superagent which will proxy cross-origin requests (CORS) for browsers which don't support them.

Why

Older versions of IE (specifically IE8 and IE9) do not support making cross-origin requests using the standard XMLHttpRequest object. Instead, they rely on the non-standard, proprietary XDomainRequest.

Quite reasonably, superagent does not support the XDomainRequest object. Also, XDomainRequest also has a bunch of restrictions which are not imposed normally when using CORS. There are plugins for superagent which add support for the XDomainRequest object, but the restrictions still apply.

So we need a better way to make cross-origin requests in all browsers.

How it works

If no CORS support is detected, this plugin will proxy the request through an IFRAME pointing at a HTML document on the destination host using postMessage. Since CORS doesn't apply to the document on the host, it can complete the actual request without limitations.

Usage

First, download via NPM:

npm install superagent-d2l-cors-proxy

Upload the provided index.html file to your destination host at http://myhost.com/lib/superagent-d2l-cors-proxy/{version}/index.html.

In your application, use() the proxy with any requests you're making to the destination host with superagent:

var request = require('superagent'),
    corsProxy = require('superagent-d2l-cors-proxy');
 
request
    .get('http://myHost.com/myApp/myFile.json')
    .use(corsProxy)
    .end(...);

Important: when making requests to other hosts that shouldn't be proxied, simply omit the use(corsProxy) from the superagent call.

Contributing

Contributions are welcome, please submit a pull request!

Code Style

This repository is configured with EditorConfig rules and contributions should make use of them.