Merchant Center Proxy Router
When you navigate through the Merchant Center, you can switch between the different Custom Applications available in your Projects, no matter if they are commercetools applications or something developed externally.
You might have noticed that the URL of the Merchant Center is always using the same origin, and only the URI part changes depending on the Project and application.
This way it looks like you are using one single web application even though underneath there are multiple Custom Applications.
Every initial request to render the page goes through a server component called Merchant Center Proxy Router.
This server is primarily responsible for matching the incoming request to the appropriate Custom Application and to forward the request to the actual location of the Custom Application. The response then should be serving the
index.html of the Custom Application.
For example, the user tries to access the
/:projectKey/products URL. The request goes through the Proxy Router which successfully matches the
products identifier. The Proxy Router then loads the related configuration for the Products application (assuming that the application is installed for the given
projectKey) and forwards the request to the location where the Custom Application is hosted. The
index.html is then returned as a response and the Proxy Router forwards that to the browser. The Products application renders.
The same principle applies to any Custom Application:
- Matching of the
- Loading configuration of Custom Application based on the Project access.
- Forwarding of request to Custom Application URL.
- Serving of
The Merchant Center Proxy Router enforces the following HTTP security headers when serving the response from the Custom Application location:
X-XSS-Protection: '1; mode=block'