iframe & Swagger UI - Use a static IP proxy to get internal pages from an organization's network
Mor Paz - Port team
Today, widgets such as the iframe widget and the Open/AsyncAPI widget are able to query resources based on a URL provided by the user.
When such a URL is provided, the query for data in the URL is performed by the user's browser.
While this approach is simple, it makes it impossible to query internal resources from the user's organizational network, unless the user logs in to his organization's VPN, and that VPN allows access to that resource.
This feature aims to solve this issue by changing the way the querying works. In the new solution, when an iframe or Open/AsyncAPI spec is requested, instead of the user's browser making the request, Port itself will make the request to the organizational network. Since Port is a static service and not a user's browser, it has a closed list of static IPs it can make the request from, making it possible to whitelist those IPs and allow those requests to go through the organizational network to those specific resources.
This will make it possible to account for all possible use cases:
- Querying a fully public URL
- Querying a private URL that is usually accessible using a VPN, by utilizing API whitelisting
- Querying a private URL that is not accessible using a VPN, by utilizing API whitelisting and allowing Port's closed set of IPs from the list to access the internal resource without authentication
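An added example, not part of the original post and not Port's code: one way the organization's side could enforce the allowlisting described above, so that unauthenticated access is limited to read-only requests from the proxy's static IPs to named resources. The IP addresses, paths and function names are constructed placeholders.

```python
import ipaddress
import posixpath
from urllib.parse import unquote

# Constructed placeholders (RFC 5737 documentation range). The vendor's real
# static egress IPs are not given on this page and must come from the vendor.
PROXY_EGRESS = [ipaddress.ip_network("203.0.113.10/32"),
                ipaddress.ip_network("203.0.113.11/32")]
# Hypothetical: our own reverse proxies, the only peers whose
# X-Forwarded-For header is believed.
TRUSTED_FRONTENDS = [ipaddress.ip_network("10.0.0.0/24")]
# Hypothetical: the only resources the proxy may read without authentication.
EXPOSED_EXACT = {"/docs/openapi.json", "/docs/asyncapi.json"}
EXPOSED_PREFIXES = ("/dashboards/",)


def _member(addr, networks):
    return any(addr in net for net in networks)


def effective_client(peer, xff=None):
    """Return the real client address, or None if it cannot be established."""
    try:
        addr = ipaddress.ip_address(peer)
        if not _member(addr, TRUSTED_FRONTENDS) or not xff:
            return addr  # direct connection: the header is client-controlled
        # Walk right to left, skipping hops added by our own front ends.
        for hop in reversed([h.strip() for h in xff.split(",")]):
            addr = ipaddress.ip_address(hop)
            if not _member(addr, TRUSTED_FRONTENDS):
                return addr
    except ValueError:
        pass
    return None


def allow_unauthenticated(peer, method, path, xff=None):
    """True only for read-only requests from the proxy IPs to exposed paths."""
    client = effective_client(peer, xff)
    if client is None or not _member(client, PROXY_EGRESS):
        return False
    if method not in ("GET", "HEAD"):
        return False
    # Decode and normalise first so ../ and %2e%2e cannot escape a prefix.
    clean = posixpath.normpath(unquote(path.split("?", 1)[0]))
    if path.endswith("/") and clean != "/":
        clean += "/"
    return clean in EXPOSED_EXACT or clean.startswith(EXPOSED_PREFIXES)
```

Requests that fail this check should fall through to the normal authenticated path rather than being rejected outright, so VPN users keep their existing access.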
Hila Kashai
Merged in a post:
Fetching documentation schema Async API & Open API via Port proxy
Zbigniew M (ferror)
Currently the async and open api schemas are fetched via client / browser requests, which brings problems with authentication and overall security. Most of the time the API schema is proprietary and cannot be exposed to the public.