Create a cross-origin filter in jetty.xml to allow remote requests

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Create a cross-origin filter in jetty.xml to allow remote requests

uk52rob
Hi,

How do I create a cross-origin filter in the jetty XML file to allow a XMLHttpRequest through from another webserver? The usual "Origin (site-name) is not allowed by Access-Control-Allow-Origin" appears.

Thanks
Reply | Threaded
Open this post in threaded view
|

Re: Create a cross-origin filter in jetty.xml to allow remote requests

Simone Bordet-2
Hi,

On Fri, Jul 13, 2012 at 6:23 PM, uk52rob <[hidden email]> wrote:
> Hi,
>
> How do I create a cross-origin filter in the jetty XML file to allow a
> XMLHttpRequest through from another webserver? The usual "Origin (site-name)
> is not allowed by Access-Control-Allow-Origin" appears.

Sorry, I do not understand your problem.

CrossOriginFilter works out of the box with XMLHttpRequests.

Simon
--
http://cometd.org
http://webtide.com
Developer advice, services and support
from the Jetty & CometD experts.
----
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless.   Victoria Livschitz

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: Create a cross-origin filter in jetty.xml to allow remote requests

uk52rob
Hi Simon,

Jetty runs as part of the GeoServer 2.1.4 package (http://geoserver.org/display/GEOS/Welcome), which hosts itself on port 8080.

I have an IIS server on another port with another website, which runs a front-end to the Jetty instance on port 8080. The site uses javascript with XMLHttpRequest which works fine with images, but will not allow XML to be passed between the two sites.

Is there a way of adding a CrossOriginFilter to the Jetty instance configuration to allow these XML requests between domains / ports?

When attempting to XMLHttpRequest to http://geoserver.testdomain.com:8080, the console log currently states:

"Origin https://geoserver.testdomain.com:443 is not allowed by Access-Control-Allow-Origin".

Thanks
Reply | Threaded
Open this post in threaded view
|

Re: Create a cross-origin filter in jetty.xml to allow remote requests

Simone Bordet-2
Hi,

On Fri, Jul 13, 2012 at 7:55 PM, uk52rob <[hidden email]> wrote:

> Hi Simon,
>
> Jetty runs as part of the GeoServer 2.1.4 package
> (http://geoserver.org/display/GEOS/Welcome), which hosts itself on port
> 8080.
>
> I have an IIS server on another port with another website, which runs a
> front-end to the Jetty instance on port 8080. The site uses javascript with
> XMLHttpRequest which works fine with images, but will not allow XML to be
> passed between the two sites.
>
> Is there a way of adding a CrossOriginFilter to the Jetty instance
> configuration to allow these XML requests between domains / ports?
>
> When attempting to XMLHttpRequest to http://geoserver.testdomain.com:8080,
> the console log currently states:
>
> "Origin https://geoserver.testdomain.com:443 is not allowed by
> Access-Control-Allow-Origin".

I can't help you much, too many information are missing.

If you have configured the COF to allow that origin, if you have a
browser that supports CORS, if your request uses methods and headers
that are allowed, then COF will grant you access.

To tell something, I need all HTTP exchanges that leads to the "now
allowed" log. BTW you did not say what component logged that message.

Simon
--
http://cometd.org
http://webtide.com
Developer advice, services and support
from the Jetty & CometD experts.
----
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless.   Victoria Livschitz

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email