0👍
You can have multiple options here
-
Remove the firewall rule –
This will allow your API to get hit from browser. If firewall is not managed by you you can’t do this -
Add IP or Port exception rule in firewall –
Instead of deactivating the entire inbound rule on server, you can allow specific ports or IP on firewall. Again if you have control on firewall -
Create Proxy API –
Another way is you can create a middleware API that forwards your request and acts as a proxy. This will suffice performance, resource, time and compromise security. I recommend not to do this, But it’s easily possible in .NET Core -
Specify CORS policy –
If your Vue.js and API originates from same origin (IP), You can configure CORS in server which will restrict access to API only from same origin. That means only www.google.com can access GoogleAPI, Likewise. This will protect the API from other origins -
Tunnel via VPN –
If security is a concern, Use a VPN service to tunnel your API requests. This can’t be possible for every client using your web service.
The best way is to open a specific rule on server for your application if possible. Writing a proxy in between will have lot of disadvantages although can be accomplished.
- [Vuejs]-How to set min and max value in bootstrap timePicker?
- [Vuejs]-Vue JS external Android library interaction (Zebra)