Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
ui5-middleware-http-proxy
Advanced tools
ui5-middleware-http-proxy
custom ui5 middleware extension for proxying http requests
ui5-middleware-http-proxy
Custom UI5 middleware extension for proxying http requests using request with additional http basic authentication support.
Useful for proxying requests to a remote service from a local development enviroment or serving ui5 resources from a remote host.
Works well with openui5-sdk-docker.
Prerequisites
Make sure your project is using the latest UI5 Tooling.
Getting started
Install
Add custom middleware
Add the custom middleware as a devDependency to your project.
With yarn:
yarn add -D ui5-middleware-http-proxy
Or npm:
npm i -D ui5-middleware-http-proxy
Additionally the custom task needs to be manually defined as a ui5 dependency in your project's package.json:
{
"ui5": {
"dependencies": [
"ui5-middleware-http-proxy"
]
}
}
Register
Register custom middleware
Register the custom middleware in your project's ui5.yaml:
server:
customMiddleware:
# proxy for ui5 resources
- name: ui5-middleware-http-proxy
mountPath: /resources
afterMiddleware: compression
configuration:
baseUrl: https://openui5.hana.ondemand.com
path: /resources
# proxy for ui5 test resources
- name: ui5-middleware-http-proxy
mountPath: /test-resources
afterMiddleware: compression
configuration:
baseUrl: http://localhost:5000
path: /test-resources
# proxy for service with self signed certificate and http basic authentication
- name: ui5-middleware-http-proxy
mountPath: /service
afterMiddleware: compression
configuration:
debug: true
baseUrl: https://services.odata.org
path: /V2/Northwind/Northwind.svc
secure: false
auth:
user: kratos
pass: atreus
Additional configuration
Options
The custom middleware accepts the following configuration options:
| name | type | Description | mandatory | default | examples |
|---|---|---|---|---|---|
debug | boolean | enable/disable debug logs | no | false | true, false |
baseUrl | string | baseUrl for proxying requests | yes | - | https://services.odata.org, http://localhost:5000 |
path | string | path for proxying requests | no | / | /resources, /V2/Northwind/Northwind.svc |
secure | boolean | reject self-signed certificates | no | true | true, false |
auth | object | credentials for http basic authentication | no | - | |
auth.user | string | user for http basic authentication | no | - | kratos, env:HTTP_PROXY_AUTH_USER |
auth.pass | string | password for http basic authentication | no | - | atreus, env:HTTP_PROXY_AUTH_PASS |
Support for .env files
Support for .env files is provided by the dotenv module.
Simply prefix your .env variables for with env: and provide them as auth.user and auth.pass in your configuration.
Instead of taking the plain string value, the variable will then be resolved against your .env file.
Example configuration file:
server:
customMiddleware:
# proxy using .env credentials
- name: ui5-middleware-http-proxy
mountPath: /service
afterMiddleware: compression
configuration:
debug: true
baseUrl: https://services.odata.org
path: /V2/Northwind/Northwind.svc
secure: false
auth:
user: env:MY_HTTP_PROXY_AUTH_USER
pass: env:MY_HTTP_PROXY_AUTH_PASS
Example .env file:
MY_HTTP_PROXY_AUTH_USER=kratos
MY_HTTP_PROXY_AUTH_PASS=atreus
NOTE:
This is a breaking API change as of version ^2.0.0.
Version ^1.1.0 only supports static .env variables:
HTTP_PROXY_AUTH_USERHTTP_PROXY_AUTH_PASS
Example app
Please have look at bookshop-ui.
FAQs
custom ui5 middleware extension for proxying http requests
The npm package ui5-middleware-http-proxy receives a total of 208 weekly downloads. As such, ui5-middleware-http-proxy popularity was classified as not popular.
We found that ui5-middleware-http-proxy demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 03 Feb 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025