It's Khayer, Bangladesh


Solution of Cross domain Ajax Call problem
July 4, 2010, 3:12 pm
Filed under: GIS | Tags: , , , ,

This problem was first identified when I worked with open layer and Geoserver. My Geo server used apache tomcat and have been listening on 8088 port. And my web application uses apache which is listening on 8080 port. Now, when I made Asynchronous call using openlayer for a map layer of geoserver, my browser (firefox 3.5) had been blocking the request due to security issue. Interestingly, internet explorer (6) can do the request successfully. As a result I was stacked for couple hours and was searching for the solution.

This problem can be bypass in several ways,

Solution 1
We can create a proxy files which will bypass the cross domain request. The proxy page will receive a request, and then make a server side requested and response the output. Below I give a PHP solution of the proxy files,
File name: geoproxy.php

<?php
$url=$_GET["url"];
$res = file_get_contents($url);
echo $res; 
?>

This page receives the request and echoes the response. So, now we do not make ajax call the different port service directly, instead call the proxy page by “geoproxy.php?url=http://somedomain:port/ geoserver/wms?service=WMS&request=GetFeatureInfo”.

This solution has some security risk, because external user can use your bandwith for bypass their route. So, restrict the requester server by checking page referrer. To do that there needs small modification of existing code.

Solution 2
Requests can be bypass using apache mod_proxy.so module. It needs some configuration change in httpd.conf file. Uncomment below module in apache httpd.conf file,
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so

Now add proxy bypass code below of the file,
ProxyPass /geotest http://localhost:8080/page.html
ProxyPassReverse /geotest http://localhost:8080/ page.html

Restart the apache. Now /geotest requeste are redirected.

Solution 3
We can use virtual host feature of apache.

I have used the solution 1 in my project because it does not need any server side configuration change.

………………………….
Khayer
GIS Programmer
CEGIS

Advertisement
3 Comments

3 Comments so far
Leave a comment

Nice post

Comment by Rafig July 6, 2010 @ 9:46 am

How can we make geoproxy.php more secure?

Comment by Evilinside April 23, 2011 @ 10:36 am

You can using some checking. Please check my previous reply

Comment by khayer April 23, 2011 @ 11:01 am


RSS feed for comments on this post. TrackBack URI


Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s



Follow

Get every new post delivered to your Inbox.