Help

This Product Ideas board is currently undergoing updates, but please continue to submit your ideas.

Feature Request: CORS Proxy

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Mike_Pennisi
7 - App Architect
7 - App Architect
‎Jul 17, 2020 10:51 AM

Many use cases for Airtable’s Scripting Block (and also for Custom Blocks) involve making requests to services running on another domain. Since scripts execute in the context of a web browser, such requests are restricted according to the Cross-Origin Resource Sharing (CORS) protocol. Users’ requests are frequently blocked for this reason.

At the moment, the Scripting Block does not offer a solution for this problem nor does its documentation recognize the need. Some Airtable users have found a publicly-available service to meet their immediate needs, e.g.

This is undesirable for a number of reasons:

  • users must discover the service on their own (This obstacle is particularly daunting for the entry-level programmers for whom the Scripting Block is designed. Even experienced developers can struggle with the complexity of CORS.)
  • the reliability of the service is not guaranteed
  • the trustworthiness of the service is unknown (The proxy has access to all the information intended for the destination service which frequently includes sensitive data like API keys and database contents.)

If Airtable provided a CORS proxy, it would fill what some might argue is a hole in the capabilities of the Scripting Block. It could confidently educate users on how/why to use the service, guiding them away from unsafe practices and toward more resilient solutions.

See more ideas labeled with:
Comment
8 Comments
openside
10 - Mercury
10 - Mercury
‎Jul 17, 2020 11:37 AM
‎Jul 17, 2020 11:37 AM

Hi @Mike_Pennisi

Checkout https://on2air.com/on2air-storage

We just soft launched with support for proxy servers that can get around CORS

ScottWorld
18 - Pluto
18 - Pluto
‎Jul 17, 2020 11:55 AM
‎Jul 17, 2020 11:55 AM

Wow! I just watched the intro video on your website. This looks like an awesome (and much needed) product that solves a lot of security issues with Airtable! :slightly_smiling_face: Thank you for creating this!! :slightly_smiling_face:

Mike_Pennisi
7 - App Architect
7 - App Architect
‎Jul 17, 2020 12:37 PM
‎Jul 17, 2020 12:37 PM

This thread is about a way for Airtable to add more value for its users. If they agree that this functionality is essential, then they may not want to endorse any third party solution.

Olpy_Acaflo
9 - Sun
9 - Sun
‎Jul 17, 2020 01:38 PM
‎Jul 17, 2020 01:38 PM

Hi @Mike_Pennisi,
@openside,

Mike wrote faster than me what I wanted to write after reading this too, in addition to all other Use Cases that Mike reminds us: it’s really a mountain of possible difficulties to climb over in addition to learning to write respectable javascript, which can be evaluated by the Professionals who give us the gift of coaching us in this Community!

And moreover, it affects both Script-Block and Custom-Block so it’s not a weakness of Script-Block alone as it happens sometimes!

But that does not prevent me from respecting your proposal and the extensive work you share with the Community.
You are one of the People who helped me not only to learn how to put functional code on a Script-Block but to be challenging in the way to design and improve it.

@Michelle_Valentine @Kasra @Emma_Yeap @Billy_Littlefield
Now I hope that Airtable’s DEV’s will take this request in their priorities not to make us wait 2 years to offer us an internal solution at Airtable!

Best,

oLπ

Tyler_Campbell
6 - Interface Innovator
6 - Interface Innovator
‎Jul 17, 2020 03:32 PM
‎Jul 17, 2020 03:32 PM

Funny that you posted this today and cors-anywhere put out an update today that prevents you from making more than 200 calls every 60 minutes (breaking one of my workstreams).

Glad to see some people are making some cool 3P stuff @openside!

openside
10 - Mercury
10 - Mercury
‎Jul 17, 2020 09:42 PM
‎Jul 17, 2020 09:42 PM

Thanks @Tyler_Campbell - give it a go and let us know if any issues.

Adam_Krell
4 - Data Explorer
4 - Data Explorer
‎Dec 13, 2020 04:09 PM
‎Dec 13, 2020 04:09 PM

For those looking for a solution to this issue, one that I’ve used is to create a Lambda on AWS with Api Gateway and configure the Lambda to return the proper headers to deal with CORS. Check out the documentation.

jamesvclements
6 - Interface Innovator
6 - Interface Innovator
‎Mar 17, 2023 02:10 PM
‎Mar 17, 2023 02:10 PM

Any updates on this? How's everyone handling cross-origin requests in their Airtable scripts? Just writing serverless functions elsewhere and calling those?

Copyright © 2024 Khoros, LLC