Cross-Origin Access Issues? An API Solution to an API-Driven Phenomenon
Amazon S3 recently announced support for Cross-Origin Resource Sharing (CORS). What’s the big deal? Now apps can call the S3 API directly. But weren’t apps always calling the S3 API directly? Yes and no.
As API-driven services like Amazon S3, Dropbox, Google Maps and Flickr become more and more powerful there’s less and less need to build a full web stack (check out the first few slides of Ed Anuff’s recent webcast on Building a Mobile Data Platform with Cassandra). The features a developer might have spent months building in PHP, they now get immediately at scale from API-based services. As a result, there’s no compelling need to have a web stack. Instead, you want to make the web API calls directly from the web browser.
Now that Amazon supports CORS everything is fantastic! Unless, of course, you rely on an API that you don’t control and that API hasn’t yet adopted CORS. Unfortunately, there are many app developers who rely on APIs they don’t control. And many APIs don’t yet support CORS. However, instead of resorting to an old-fashioned web stack, you can use an API proxy to solve this problem.
An API solution to an API-driven phenomenon.
With Apigee Gateway Services, you can transform any API into a CORS-compliant API without changing the original. This short screencast demonstrates how it’s done.