Solution of Cross domain Ajax Call problem


This problem was first identified when I worked with open layer and Geoserver. My Geo server used apache tomcat and have been listening on 8088 port. And my web application uses apache which is listening on 8080 port. Now, when I made Asynchronous call using openlayer for a map layer of geoserver, my browser (firefox 3.5) had been blocking the request due to security issue. Interestingly, internet explorer (6) can do the request successfully. As a result I was stacked for couple hours and was searching for the solution.

This problem can be bypass in several ways,

Solution 1
We can create a proxy files which will bypass the cross domain request. The proxy page will receive a request, and then make a server side requested and response the output. Below I give a PHP solution of the proxy files,
File name: geoproxy.php

<!--?php $url=$_GET["url"]; $res = file_get_contents($url); echo $res;  ?-->

This page receives the request and echoes the response. So, now we do not make ajax call the different port service directly, instead call the proxy page by “geoproxy.php?url=http://somedomain:port/ geoserver/wms?service=WMS&request=GetFeatureInfo”.

This solution has some security risk, because external user can use your bandwith for bypass their route. So, restrict the requester server by checking page referrer. To do that there needs small modification of existing code.

Solution 2
Requests can be bypass using apache mod_proxy.so module. It needs some configuration change in httpd.conf file. Uncomment below module in apache httpd.conf file,
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so

Now add proxy bypass code below of the file,
ProxyPass /geotest http://localhost:8080/page.html
ProxyPassReverse /geotest http://localhost:8080/ page.html

Restart the apache. Now /geotest requeste are redirected.

Solution 3
Jquery JSONP can be excellent choice to work with cross domain ajax call.

 

………………………….

Khayer
GIS Programmer
CEGIS

Advertisements

8 thoughts on “Solution of Cross domain Ajax Call problem

  1. Hi i like the way y.ou make this look so simple. How would you work around a Lighttpd server with the same cross domain problem?

  2. Hi there, I just stumbled on the the same problem and found two different approaches. What do you think about them.

    1. http://software.dzhuvinov.com/cors-filter-installation.html
    Enable CORS in Tomcat

    2. geoserver proxy extension
    http://geoserver.org/display/GEOS/GeoServer+Proxy+Extension
    You have to be aware of the version. If you are using 2.1.x you will need another version. I tried this option, but can not figure out how to bypass the SOP with the proxy.

  3. hi thank you so much for this post that helped me a lot , but actually i have a problem! I used the first solution but the function get_file_centent send me an error that it failed to open stream :/ any idea ??

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s