Using PubNub as a secure edge to your web page.
Python JavaScript
Switch branches/tags
Nothing to show
Pull request Compare This branch is 1 commit ahead of dristic:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.

PubNub Secure Edge

Close your Firewall 100% and use the PubNub Global Real-time Network.

PubNub Secure Edge

The PubNub Secure Edge takes a HTTP Traffic and routes requests through the PubNub Network. This allows your web site to be behind a 100% closed firewall yet still accept and respond to web requests.

PubNub JavaScript Terminator

The client works by making the initial page request and optionally intercepting all AJAX and link requests after the page is loaded. The first step is initialzing a connection with pubnub and then initializing the secure edge object.

// Initialize the PubNub connection.
this.pubnub = PUBNUB.init({
  subscribe_key: "demo",
  publish_key: "demo"

// Initialize the secure edge object.
this.secureEdge = new PubNubSecureEdge({
  connection: this.pubnub,
  intercept_ajax: true,
  intercept_links: true,
  intercept_forms: true,
  callback: function () {
    // Call the first page request.
    secureEdge.sendRequest(window.location.href, "GET");

Traditional REST vs PubNub Secure Edge

Traditional REST API

PubNub Secure Edge

vs. PubNub Secure Edge

PubNub Secure Edge

PubNub Python Terminator

The server is started by cd-ing into the server directory and running

./ <channel name>


./ server

This will start the secure edge terminator locally and redirect all traffic to localhost:80.

Video Details

PubNub - Close Your Firewall

  1. Show URL via Port 80 Request.
  2. Close all Ports on the EC2 Firewall.
  3. Show Inaccessible URL.
  4. Show Bootstrap w/ PubNub Termintor: ./client/index.html#web/example.html
  5. It works!

Practical Applications

  1. Using the enahced security model to broker your REST API interfaces behind the corporate firewalls.
  2. To a lesser extent though still applicable you can use this wrapper to re-route html page navigation.


Note that there are limitations.

  1. Max Message Size: 7.4KB - Solution is to Chunk Responses beyond this range.
  2. Right now the terminators establish Public Routes which means anyone, anywhere, can send/receive information based on channel ID. However this can be resolved in several fashions.
    1. One way is to use two sets of PubNub keys to prevent a rouge injecting feedback responses altogether. Done.
    2. In addition you can also enable Cipher Key AES Cryptography, Bidirectionally! Obviously as long as you don't transmit the cipher key, rouges are blocked from intercepting the inbound request.
    3. Also PubNub is working on a new edge based perimeter service which provides enhanced authority controls routes and clients.

PubNub Secure Edge

PubNubSecureEdge JS Class


Sets up all interceptions that are turned on and subscribes to page updates.


  • connection The pubnub connection object.
  • uuid (optional) A custom UUID if the connection was created with one.
  • intercept_ajax (optional) If the secure edge should intercept all AJAX calls.
  • intercept_links (optional) If the secure edge should intercept anchor tag clicks.
  • intercept_forms (optional) If the secure edge should intercept form posts.
  • callback (optional) The function to call after the secure edge has subscribed to the user channel.


Handles the secure edge response from the server. Looks for message.html to load into the window.

sendRequest(url, method)

Sends a request to the secure edge server for a given page. Example:

secureEdge.sendRequest('', 'GET');


Unsubscribes from the user response channel and deletes all object references.