Commerce

7.5.x

Proxy Configuration

If an application that runs in a web browser is hosted on a different server than Cortex API, the requests fail due to the same origin policy of the browser. For example, a Javascript application. You must set up a proxy server to handle requests between Cortex and the client application to resolve this issue. The proxy server must be configured to rewrite links to the proxy server’s address. We recommend using Apache HTTP Server 2.4 as a proxy server.

Rewriting Link URLs

Cortex uses its server base URL for links in JSON responses. For example, if a Cortex server is deployed at http://api.elasticpath.net/cortex, and a request is sent to Cortex without any headers:

GET http://api.elasticpath.net/cortex/carts/mobee/default

Returned JSON response would have the same base URL in it’s href attributes:

{
  "self": {
    "type": "elasticpath.carts.cart",
    "uri": "/carts/mobee/mq4=",
    "href": "http://api.elasticpath.net/cortex/carts/mobee/mq4="
  },
  "total-quantity": 3,
  "links": [
    {
      "rel": "lineitems",
      "rev": "cart",
      "type": "application/vnd.elasticpath.links",
      "uri": "/carts/mobee/mq4=/lineitems",
      "href": "http://api.elasticpath.net/cortex/carts/mobee/mq4=/lineitems"
    },
    {
      "rel": "order",
      "rev": "cart",
      "type": "elasticpath.orders.order",
      "uri": "/orders/mobee/gjq=",
      "href": "http://api.elasticpath.net/cortex/orders/mobee/gjq="
    },
    {
      "rel": "total",
      "rev": "cart",
      "type": "application/vnd.elasticpath.total",
      "uri": "/totals/carts/mobee/mq4=",
      "href": "http://api.elasticpath.net/cortex/totals/carts/mobee/mq4="
    }
  ]
}

However, if your client application is deployed on http://app.myhost.net/app, API requests outside of this domain will fail due to the Web Browser’s Same Origin Policy.

Using a proxy server and the X-Forwarded-Base header for link rewriting, the response can be rewritten to appear as if it’s coming from the same server. A request with X-Forwarded-Base header sent to cortex:

GET http://api.elasticpath.net/cortex/carts/mobee/default
X-Forwarded-Base: http://app.myhost.net/app

Returned JSON response would be:

{
  "self": {
    "type": "elasticpath.carts.cart",
    "uri": "/carts/mobee/mq4=",
    "href": "http://app.myhost.net/app/carts/mobee/mq4="
  },
  "total-quantity": 3,
  "links": [
    {
      "rel": "lineitems",
      "rev": "cart",
      "type": "application/vnd.elasticpath.links",
      "uri": "/carts/mobee/mq4=/lineitems",
      "href": "http://app.myhost.net/app/carts/mobee/mq4=/lineitems"
    },
    {
      "rel": "order",
      "rev": "cart",
      "type": "elasticpath.orders.order",
      "uri": "/orders/mobee/gjq=",
      "href": "http://app.myhost.net/app/orders/mobee/gjq="
    },
    {
      "rel": "total",
      "rev": "cart",
      "type": "application/vnd.elasticpath.total",
      "uri": "/totals/carts/mobee/mq4=",
      "href": "http://app.myhost.net/app/totals/carts/mobee/mq4="
    }
  ]
}
Last updated on 5/8/2024
Structured MessagesElastic Path Advisor