A proxy page handles communication between your application and ArcGIS Server services. The proxy is server-side code that resides on your Web Server and handles incoming requests from a browser based application. The proxy accepts the request and forwards it to ArcGIS Server for processing.
There are three situations where you’d use a proxy page in your ArcGIS Server API for JavaScript applications. The first instance is when your application creates requests that exceed 2048 characters. This is often the case when your application performs buffering of complex polygons in conjunction with queries or any other application function that performs some type of geometry operation. To handle this instance the proxy page performs a POST operation which is not subject to the 2048 character limitation when using GET requests. You’ll also need to use a proxy page when your application uses services secured with token-based authentication and you don’t want the user to be able to view the token or you don’t want to transmit the token between the application and web server. Finally, any application that requires feature editing will need to use a proxy page.
There are four basic steps to installing and configuring your proxy page. First, download and configure the proxy page for your server. This can be ASP.NET, PHP, or Java/JSP. Next, add code to your application to enable the use of the proxy. In step 3, secure your web application if you plan to use tokens. Finally, test your application to make sure the proxy is working as expected. Detailed instructions for installing and configuring your proxy page is provided by ESRI at the links provided on above.
Coding your application to use a proxy page requires only a couple lines of code. Normally you’d put this in your ‘init’ function which runs on startup. You’ll need to provide the Url for the location of the proxy page and the ‘alwaysUseProxy’ property can be set to either true or false. If your application will be using tokens you’ll want to set this value to true, but otherwise it can be set to false if you know that not all requests will need the proxy. This would be the case in an editing application or an application where only some requests would exceed the 2048 character limitation.