Hi,

if you develop JavaScript applications you are surely aware of the same-origin-policy of browsers. This limits the application to request resources only from its own domain, while requests to any other domain will be blocked.

To solve this, you have one of two choices: either follow the CORS standard supported by the good guys of the browsers (guess what - the usual suspects of browsers don't support it), or use a proxy within your Web application which is able to dispatch requests to resouces of other domains.

For the CORS approach, there is already a nice blog from Joanna Chan here in SCN. CORS is a good choice if you don't need to support older browsers, like IE version 8 or 9, and if you are able to securely control the allowed originating domains in your server application or service.

If you can't use the CORS approach for your scenario due to browser or security limitations, the other choice is to use a proxy within your Web application. For this, we have released a Connectivity Proxy component on sap.github.io under Apache License v2. This component provides a simple Java proxy servlet that makes use of the SAP HANA Cloud Connectivity Service to dispatch HTTP requests to resources from other domains. Using the Connectivity Service, the proxy is also able to dispatch to on-premise resources, using  Destinations and the SAP HANA Cloud Connector. By this you can easily call, for instance, SAP NetWeaver Gateway systems which are located in a secured network from your JavaScript application running in the cloud.

Check out the sources and further documentation directly on github. As we follow an open-source approach here, you are also welcome to propose changes or extensions in case you spot areas in the proxy which shall be improved.