2

since i was struggling in making API calls to apache server from my angular app running in node-express, So i was unable to call apache server with POST calls inspite of setting the CORS filter in most of the ways available, So someone suggested rather of making calls from AngularJs(Frontend) , make it from NodeJs(Backend-server) which serves your angulas(frontEnd) code.

So kindly assisst me in this as to what exactly is the difference between making API call's from frontEnd to any server or from the backend(server) of the same frontEnd ?? What factors makes it more preferable over the other one ? Is it proxy or CORS thing which effects FrontEnd based API calls ?

Thanking all in advance Shohil Sethia

asked Nov 23, 2016 at 4:05

2 Answers 2

1

CORS is a policy that is voluntarily enforced by the browser (chrome, firefox, etc.). The decision to allow or deny a request is based on the presence of a certain header (Access-Control-Allow-Origin: *) in a response from the server. There is no equivalent policy in a server side setting, so you are free to make cross-origin requests all day.

From enable-cors.org:

[CORS] prevents JavaScript from making requests across domain boundaries

answered Nov 23, 2016 at 21:09

1 Comment

hi Joel, My question is not regarding what CORS does, It is regarding what makes server to server API calls more preferrable than frontend to server. ?? Thank you
1

This is why I usually build a small server api in Node to grab data from external 3rd party servers.

  1. When the user makes a request on the front end the request is sent to the backend function with optional parameters which the end-user specified.
  2. Depending on the parameters supplied, different functions might be run before the backend queries the third party API.
  3. 3rd party API response is returned to the backend.
  4. Backend either passes the response along or does more stuff before passing the response along.
  5. Then the frontend does stuff with the data based on the response received (ie there were less than 5 results so adding pagination is not necessary).

If developed this way you gain access to the following which all benefit your application/website.

  1. Keep any necessary credentials on the server. ( extremely important )
  2. Obtain logs.
  3. Validate on both the server side and the client side for an added layer of security.
  4. Use the server to filter sensitive results if necessary before they reach the frontend.
  5. Vary which parts of the heavy lifting are done on the server vs the device in order to improve the application performance.
answered Feb 8, 2018 at 21:38

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.