An easy way of preventing unwanted visitors at the door of your private cloud is by using a whitelist. I was working on an integration between SugarCRM and some kind of a SAAS solution. Perhaps you can see the problem there already…
The company of this SAAS solution could not provide me an IP-address to whitelist. No, they say, our servers scale dynamically and we have no control over the addresses. With that my hopes to whitelist a range were gone too. Probably some kind of Amazon AWS situation going on there.

Solution: use a proxy

To shorten my story of searching for an online proxy (i think they all use Amazons services, no fixed addresses with reasonable price-tags for this current purpose attached) i ended up coding in NodeJS.
Appears NodeJS has some neat support for setting up a proxy. The only problem there. A proper proxy forwards information about the requests’ sender in which the whitelist does not look at the proxies address but rather at the original sender’s address.
I don’t have to like the sender to like the data, or do i?

Too much information…

New solution: make a fake-proxy

By only forwarding headers Content-Type and Content-Length i can now successfully forward the requests and return responses.

You can view the result – with an end-to-end example – on GitHub or install using npm.

$ npm install fake-proxy

An example of how you can implement the fake-proxy:

var proxy = require('fake-proxy');
    proxy: {
        app: app, // add the proxy to your Express instance 
        path: '/fake-proxy', // path the SAAS may send it's requests to
        allowed_methods: ['GET', 'POST', 'DELETE', 'PUT']
    recipient: {
        host: '',
        port: 80,
        protocol: 'http', // or https
        path: '/path/to/your/service'