This problem was first identified when I worked with open layer and Geoserver. My Geo server used apache tomcat and have been listening on 8088 port. And my web application uses apache which is listening on 8080 port. Now, when I made Asynchronous call using openlayer for a map layer of geoserver, my browser (firefox 3.5) had been blocking the request due to security issue. Interestingly, internet explorer (6) can do the request successfully. As a result I was stacked for couple hours and was searching for the solution.
This problem can be bypass in several ways,
We can create a proxy files which will bypass the cross domain request. The proxy page will receive a request, and then make a server side requested and response the output. Below I give a PHP solution of the proxy files,
File name: geoproxy.php
<!--?php $url=$_GET["url"]; $res = file_get_contents($url); echo $res; ?-->
This page receives the request and echoes the response. So, now we do not make ajax call the different port service directly, instead call the proxy page by “geoproxy.php?url=http://somedomain:port/ geoserver/wms?service=WMS&request=GetFeatureInfo”.
This solution has some security risk, because external user can use your bandwith for bypass their route. So, restrict the requester server by checking page referrer. To do that there needs small modification of existing code.
Requests can be bypass using apache mod_proxy.so module. It needs some configuration change in httpd.conf file. Uncomment below module in apache httpd.conf file,
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
Restart the apache. Now /geotest requeste are redirected.
Jquery JSONP can be excellent choice to work with cross domain ajax call.