[Open.ogc] CORS Support for services.ogc.noaa.gov

Micah Wengren micah.wengren at noaa.gov
Tue Jun 18 18:22:32 UTC 2013 

Hi open.ogc at list.woc.noaa.gov,

I'm sending this thread I've been on with Tim back to the email list to 
see if we can expedite troubleshooting what the issue is with a CORS 
request from Tim's development server to services.ogc.noaa.gov. He's 
connecting from:

http://triggerfish2.nmfs.noaa.gov:9992

and trying to display one of our services on an OpenLayers map (and do a 
GetFeatureInfo request, which leads to the need  for CORS support).


I don't really have the answer to his question, anyone at the WOC know 
about accepting non-standard headers?

Tim, do you know why this header is required from your side, and what 
the server should be doing with it?

Thanks,
Micah

On 6/18/2013 2:05 PM, Tim Haverland - NOAA Federal wrote:
> Yeah, doesn't look like the port is an issue, however, my request is 
> sent with these headers:
>
> 1.
>     Access-Control-Request-Headers:
>     origin, x-requested-with
>
>
> I've read that the server may need to accept "non-standard" headers. 
> x-requested-with is a non-standard header. Is this accepted on the 
> server side?
>
> Tim
>
>
> On Tue, Jun 18, 2013 at 1:35 PM, Tim Haverland - NOAA Federal 
> <tim.haverland at noaa.gov <mailto:tim.haverland at noaa.gov>> wrote:
>
>     yes, response header says:
>
>     1.
>         Access-Control-Allow-Origin:
>         *.noaa.gov <http://noaa.gov>
>
>
>
>     On Tue, Jun 18, 2013 at 1:32 PM, Micah Wengren - NOAA Federal
>     <micah.wengren at noaa.gov <mailto:micah.wengren at noaa.gov>> wrote:
>
>         Hi Tim,
>
>         I don't know what bearing ports have on CORS.  Everything from
>         noaa.gov <http://noaa.gov> should be allowed though.  If you
>         examine http headers with firebug or something you should be
>         able to see the rule Chi added in the header list.  I believe
>         he would have added it for both http and https, but I'd have
>         to check. Not at my machine right now. It's more important for
>         http in this case...
>
>         Micah
>
>
>
>         On Tuesday, June 18, 2013, Tim Haverland - NOAA Federal
>         <tim.haverland at noaa.gov <mailto:tim.haverland at noaa.gov>> wrote:
>         > Micah, is CORS supported on the production version of
>         geoserver? I'm trying to implement my map in our content
>         management system, and get the following error:
>         > Origin http://triggerfish2.nmfs.noaa.gov:9992 is not allowed
>         by Access-Control-Allow-Origin.
>         >
>         > Maybe it's the port that's throwing things off?
>         > Tim
>         >
>         > On Thu, Jun 13, 2013 at 1:27 PM, Micah Wengren - NOAA
>         Federal <micah.wengren at noaa.gov
>         <mailto:micah.wengren at noaa.gov>> wrote:
>         >>
>         >> Hi Tim,
>         >>
>         >> We have *.noaa.gov <http://noaa.gov> enabled anyway for
>         CORS support now.  If you can copy your openlayers page to
>         your dev server and test it out and let me know if it works,
>         that would be great. Whenever you get a chance, no rush.
>         >>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.woc.noaa.gov/pipermail/open.ogc/attachments/20130618/8fcbda7d/attachment.html>

More information about the Open.ogc mailing list