Reputation: 7621
Azure Table Storage Rest call through javascript
I am building an application with Django. The application uses Azure Table storage for storing raw data. I want the users to have access to that data. Actually the user's end side will continuously request data from the table so I cannot afford having the server make all those calls and then send the data to the users. Instead I want to have the users request the data directly from Azure.
Is it possible to do that through javascript? Do you think something like that is a viable solution? Also, can you describe the security implications involved in this procedure?
update
I found this answer which was asked 2 years ago and states that you cannot make calls from javascript. Is this still relevant?
Upvotes: 0
Views: 1291
Answers (1)
Reputation: 136334
Is it possible to do that through javascript?
Absolutely yes. In fact, this is the foundation of the product I have built. Though there are certain things you would need to do first.
Enable CORS
Since the JavaScript served from your domain will access resources from your storage account, by default this will be disabled by the browser as it is a cross-domain request. What you would need to do is enable CORS on the Table Service on your storage account to allow cross-domain requests. Please note that this is a one time operation that you would need to do per domain/storage account combination. To learn more about Azure Storage and CORS, please see this link: https://msdn.microsoft.com/en-us/library/azure/dn535601.aspx.
Use Shared Access Signature
Once the CORS is enabled, next thing you would need to do in your application is to make use of Shared Access Signature (SAS). A SAS will ensure that you're not sharing your storage account key in JavaScript (visible to all users) + it will give time-bound permissions (read/write/delete based on your requirements) to the users using your application. To learn more about SAS, please see these links: https://azure.microsoft.com/en-in/documentation/articles/storage-dotnet-shared-access-signature-part-1/ & http://blogs.msdn.com/b/windowsazurestorage/archive/2012/06/12/introducing-table-sas-shared-access-signature-queue-sas-and-update-to-blob-sas.aspx.
Consume Table Service REST API
Once these things are done, all you have to do is consume Table Service REST API. You would use AJAX for that purpose. For Table Service REST API operations, please see this link: https://msdn.microsoft.com/en-us/library/azure/dd179423.aspx.
Also, can you describe the security implications involved in this procedure?
As far as security implications are concerned, please ensure that:
- The time period for which is SAS is valid is just right. You don't want to create a SAS which is active for more than what is required for a user to perform the operation.
- You don't give out permissions in the SAS which are not required. For example, if all you want a user to do is read entities from table then only give read permissions. Do not give write/delete permissions.
- If possible, apply IP ACL to your SAS so that the SAS is only used from the IP addresses defined in the SAS. This will discourage users from sharing the SAS.
- Enforce
HTTPSto avoid man-in-the-middle attacks.
Upvotes: 2
Related Questions
- Map vs Object in JavaScript
- No 'Access-Control-Allow-Origin' header is present on the requested resource—when trying to get data from a REST API
- Loop through an array in JavaScript
- How to loop through a plain JavaScript object with the objects as members
- Is Safari on iOS 6 caching $.ajax results?
- Stop setInterval call in JavaScript
- If REST applications are supposed to be stateless, how do you manage sessions?
- How do I loop through or enumerate a JavaScript object?