<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Hi <a class="moz-txt-link-abbreviated" href="mailto:open.ogc@list.woc.noaa.gov">open.ogc@list.woc.noaa.gov</a>,<br>
<br>
I'm sending this thread I've been on with Tim back to the email
list to see if we can expedite troubleshooting what the issue is
with a CORS request from Tim's development server to
services.ogc.noaa.gov. He's connecting from: <br>
<br>
<a moz-do-not-send="true"
href="http://triggerfish2.nmfs.noaa.gov:9992" target="_blank">http://triggerfish2.nmfs.noaa.gov:9992</a><br>
<br>
and trying to display one of our services on an OpenLayers map
(and do a GetFeatureInfo request, which leads to the need for
CORS support). <br>
<br>
<br>
I don't really have the answer to his question, anyone at the WOC
know about accepting non-standard headers?<br>
<br>
Tim, do you know why this header is required from your side, and
what the server should be doing with it?<br>
<br>
Thanks,<br>
Micah<br>
<br>
On 6/18/2013 2:05 PM, Tim Haverland - NOAA Federal wrote:<br>
</div>
<blockquote
cite="mid:CA+PWDsDOXbhuHKNKEfrbhQb4-0SNcS6KrgPU3LsKd104YMdRxg@mail.gmail.com"
type="cite">
<div dir="ltr">Yeah, doesn't look like the port is an issue,
however, my request is sent with these headers:
<div><br>
</div>
<div>
<ol class=""
style="margin:0px;color:rgb(0,0,0);min-width:100%;list-style-type:none;font-family:'Segoe
UI',Tahoma,sans-serif;font-size:11px;padding:2px
6px!important">
<li title="" style="padding:0px 0px 0px
14px;margin-top:1px;word-wrap:break-word;white-space:nowrap">
<div class=""
style="color:rgb(84,84,84);display:inline-block;margin-right:0.5em;font-weight:bold;vertical-align:top;white-space:pre-wrap">Access-Control-Request-Headers:</div>
<div class="" style="font-family:Consolas,'Lucida
Console',monospace;white-space:pre-wrap;display:inline;margin-right:100px;word-break:break-all;margin-top:1px;font-size:12px!important">origin,
x-requested-with</div>
</li>
</ol>
</div>
<div><br>
</div>
<div style="">I've read that the server may need to accept
"non-standard" headers. <span
style="color:rgb(0,0,0);font-family:Consolas,'Lucida
Console',monospace;font-size:12px;white-space:pre-wrap">
x-requested-with </span>is a non-standard header. Is this
accepted on the server side?</div>
<div style=""><br>
</div>
<div style="">Tim</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, Jun 18, 2013 at 1:35 PM, Tim
Haverland - NOAA Federal <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:tim.haverland@noaa.gov" target="_blank">tim.haverland@noaa.gov</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">yes, response header says:
<ol
style="list-style-type:none;min-width:100%;font-size:11px;font-family:'Segoe
UI',Tahoma,sans-serif;margin:0px;padding:2px
6px!important">
<li title="" style="padding:0px 0px 0px
14px;margin-top:1px;word-wrap:break-word;white-space:nowrap">
<div
style="color:rgb(84,84,84);display:inline-block;margin-right:0.5em;font-weight:bold;vertical-align:top;white-space:pre-wrap">Access-Control-Allow-Origin:</div>
<div style="font-family:Consolas,'Lucida
Console',monospace;white-space:pre-wrap;display:inline;margin-right:100px;word-break:break-all;margin-top:1px;font-size:12px!important">*.<a
moz-do-not-send="true" href="http://noaa.gov"
target="_blank">noaa.gov</a></div>
</li>
</ol>
</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, Jun 18, 2013 at 1:32
PM, Micah Wengren - NOAA Federal <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:micah.wengren@noaa.gov"
target="_blank">micah.wengren@noaa.gov</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hi
Tim,<br>
<br>
I don't know what bearing ports have on CORS.
Everything from <a moz-do-not-send="true"
href="http://noaa.gov" target="_blank">noaa.gov</a>
should be allowed though. If you examine http
headers with firebug or something you should be
able to see the rule Chi added in the header list.
I believe he would have added it for both http
and https, but I'd have to check. Not at my
machine right now. It's more important for http in
this case...<span><font color="#888888"><br>
<br>
Micah</font></span>
<div>
<div><br>
<br>
<br>
On Tuesday, June 18, 2013, Tim Haverland -
NOAA Federal <<a moz-do-not-send="true"
href="mailto:tim.haverland@noaa.gov"
target="_blank">tim.haverland@noaa.gov</a>>
wrote:<br>
> Micah, is CORS supported on the
production version of geoserver? I'm trying to
implement my map in our content management
system, and get the following error:<br>
> Origin <a moz-do-not-send="true"
href="http://triggerfish2.nmfs.noaa.gov:9992"
target="_blank">http://triggerfish2.nmfs.noaa.gov:9992</a>
is not allowed by Access-Control-Allow-Origin.<br>
><br>
> Maybe it's the port that's throwing
things off?<br>
> Tim<br>
><br>
> On Thu, Jun 13, 2013 at 1:27 PM, Micah
Wengren - NOAA Federal <<a
moz-do-not-send="true"
href="mailto:micah.wengren@noaa.gov"
target="_blank">micah.wengren@noaa.gov</a>>
wrote:<br>
>><br>
>> Hi Tim,<br>
>><br>
>> We have *.<a moz-do-not-send="true"
href="http://noaa.gov" target="_blank">noaa.gov</a>
enabled anyway for CORS support now. If you
can copy your openlayers page to your dev
server and test it out and let me know if it
works, that would be great. Whenever you get a
chance, no rush.<br>
>><br>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
<br>
</body>
</html>