[英]Azure Table Storage Rest call through javascript
I am building an application with Django. 我正在使用Django构建应用程序。 The application uses Azure Table storage for storing raw data.
该应用程序使用Azure表存储来存储原始数据。 I want the users to have access to that data.
我希望用户可以访问该数据。 Actually the user's end side will continuously request data from the table so I cannot afford having the server make all those calls and then send the data to the users.
实际上,用户端将不断从表中请求数据,因此我负担不起服务器进行所有这些调用然后将数据发送给用户。 Instead I want to have the users request the data directly from Azure.
相反,我希望用户直接从Azure请求数据。
Is it possible to do that through javascript? 是否可以通过javascript做到这一点? Do you think something like that is a viable solution?
您认为这样的解决方案可行吗? Also, can you describe the security implications involved in this procedure?
此外,您能否描述此过程涉及的安全性?
update 更新
I found this answer which was asked 2 years ago and states that you cannot make calls from javascript. 我找到了 2年前问过的答案,并指出您无法通过javascript拨打电话。 Is this still relevant?
这仍然有意义吗?
Is it possible to do that through javascript?
是否可以通过javascript做到这一点?
Absolutely yes. 绝对没错。 In fact, this is the foundation of the product I have built.
实际上,这是我构建的产品的基础。 Though there are certain things you would need to do first.
尽管有些事情您首先需要做。
Enable CORS 启用CORS
Since the JavaScript served from your domain will access resources from your storage account, by default this will be disabled by the browser as it is a cross-domain request. 由于从您的域提供的JavaScript将访问您存储帐户中的资源,因此默认情况下,浏览器会禁用它,因为这是跨域请求。 What you would need to do is enable CORS on the Table Service on your storage account to allow cross-domain requests.
您需要做的是在存储帐户的表服务上启用CORS,以允许跨域请求。 Please note that this is a one time operation that you would need to do per domain/storage account combination.
请注意,这是一个一次性操作,您需要针对每个域/存储帐户组合进行此操作。 To learn more about Azure Storage and CORS, please see this link: https://msdn.microsoft.com/en-us/library/azure/dn535601.aspx .
要了解有关Azure存储和CORS的更多信息,请参见以下链接: https : //msdn.microsoft.com/en-us/library/azure/dn535601.aspx 。
Use Shared Access Signature 使用共享访问签名
Once the CORS is enabled, next thing you would need to do in your application is to make use of Shared Access Signature (SAS) . 启用CORS后,您在应用程序中要做的下一步就是利用共享访问签名(SAS) 。 A SAS will ensure that you're not sharing your storage account key in JavaScript (visible to all users) + it will give time-bound permissions (read/write/delete based on your requirements) to the users using your application.
SAS将确保您不会在JavaScript中共享存储帐户密钥(对所有用户可见),并且会为使用您的应用程序的用户提供时间限制的权限(根据您的要求进行读/写/删除)。 To learn more about SAS, please see these links: https://azure.microsoft.com/en-in/documentation/articles/storage-dotnet-shared-access-signature-part-1/ & http://blogs.msdn.com/b/windowsazurestorage/archive/2012/06/12/introducing-table-sas-shared-access-signature-queue-sas-and-update-to-blob-sas.aspx .
要了解有关SAS的更多信息,请参见以下链接: https : //azure.microsoft.com/en-in/documentation/articles/storage-dotnet-shared-access-signature-part-1/和http:// blogs。 msdn.com/b/windowsazurestorage/archive/2012/06/12/introducing-table-sas-shared-access-signature-queue-sas-and-update-to-blob-sas.aspx 。
Consume Table Service REST API 消费表服务REST API
Once these things are done, all you have to do is consume Table Service REST API. 完成这些操作后,您要做的就是使用Table Service REST API。 You would use AJAX for that purpose.
您将为此目的使用AJAX。 For Table Service REST API operations, please see this link: https://msdn.microsoft.com/en-us/library/azure/dd179423.aspx .
有关Table Service REST API的操作,请参见以下链接: https : //msdn.microsoft.com/zh-cn/library/azure/dd179423.aspx 。
Also, can you describe the security implications involved in this procedure?
此外,您能否描述此过程涉及的安全性?
As far as security implications are concerned, please ensure that: 就安全性而言,请确保:
HTTPS
to avoid man-in-the-middle attacks. HTTPS
以避免中间人攻击。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.