Feature Request: CORS Proxy

Many use cases for Airtable’s Scripting Block (and also for Custom Blocks) involve making requests to services running on another domain. Since scripts execute in the context of a web browser, such requests are restricted according to the Cross-Origin Resource Sharing (CORS) protocol. Users’ requests are frequently blocked for this reason.

At the moment, the Scripting Block does not offer a solution for this problem nor does its documentation recognize the need. Some Airtable users have found a publicly-available service to meet their immediate needs, e.g.

This is undesirable for a number of reasons:

  • users must discover the service on their own (This obstacle is particularly daunting for the entry-level programmers for whom the Scripting Block is designed. Even experienced developers can struggle with the complexity of CORS.)
  • the reliability of the service is not guaranteed
  • the trustworthiness of the service is unknown (The proxy has access to all the information intended for the destination service which frequently includes sensitive data like API keys and database contents.)

If Airtable provided a CORS proxy, it would fill what some might argue is a hole in the capabilities of the Scripting Block. It could confidently educate users on how/why to use the service, guiding them away from unsafe practices and toward more resilient solutions.

2 Likes

Hi @Mike_Pennisi

Checkout https://on2air.com/on2air-storage

We just soft launched with support for proxy servers that can get around CORS

1 Like

Wow! I just watched the intro video on your website. This looks like an awesome (and much needed) product that solves a lot of security issues with Airtable! :slight_smile: Thank you for creating this!! :slight_smile:

1 Like

This thread is about a way for Airtable to add more value for its users. If they agree that this functionality is essential, then they may not want to endorse any third party solution.

Hi @Mike_Pennisi,
@openside,

Mike wrote faster than me what I wanted to write after reading this too, in addition to all other Use Cases that Mike reminds us: it’s really a mountain of possible difficulties to climb over in addition to learning to write respectable javascript, which can be evaluated by the Professionals who give us the gift of coaching us in this Community!

And moreover, it affects both Script-Block and Custom-Block so it’s not a weakness of Script-Block alone as it happens sometimes!

But that does not prevent me from respecting your proposal and the extensive work you share with the Community.
You are one of the People who helped me not only to learn how to put functional code on a Script-Block but to be challenging in the way to design and improve it.

@Michelle_Valentine @Kasra @Emma_Yeap @Billy_Littlefield
Now I hope that Airtable’s DEV’s will take this request in their priorities not to make us wait 2 years to offer us an internal solution at Airtable!

Best,

oLπ

Funny that you posted this today and cors-anywhere put out an update today that prevents you from making more than 200 calls every 60 minutes (breaking one of my workstreams).

Glad to see some people are making some cool 3P stuff @openside!

Thanks @Tyler_Campbell - give it a go and let us know if any issues.