W3C home > Mailing lists > Public > public-lod@w3.org > October 2010

Re: Please allow JS access to Ontologies and LOD

From: Martin Hepp <martin.hepp@ebusiness-unibw.org>
Date: Mon, 25 Oct 2010 15:44:40 +0200
To: nathan@webr3.org
Message-Id: <2813075D-3DE6-4B74-B167-BB340C62AF4A@ebusiness-unibw.org>
Cc: Ian Davis <lists@iandavis.com>, Linked Data community <public-lod@w3.org>, Semantic Web <semantic-web@w3.org>, foaf-protocols <foaf-protocols@lists.foaf-project.org>
Hi Nathan, all:

I just fixed this for GoodRelations

    http://purl.org/goodrelations/v1

and the Vehicle Sales Ontology (VSO):

   http://purl.org/vso/ns

Best wishes

Martin


On 23.10.2010, at 03:28, Nathan wrote:

> Hi Ian,
>
> Thanks, I can confirm the change has been successful :)
>
> However, one small note is that the conneg URIs such as http://productdb.org/gtin/00319980033520 
>  do not expose the header, thus can't be used.
>
> In order to test yourself, simply do a curl -I request on the  
> resource, for instance:
>
> curl -I http://productdb.org/gtin/00319980033520.rdf
>
> Also, I've just uploaded a small script which lets you enter a uri  
> of an RDF/XML document, it'll try and pull it, parse it and display  
> it as turtle for you - which is a good test of both CORS and the  
> script ;)
>  http://webr3.org/apps/play/api/test
>
> FYI, Dan has also made the change so the FOAF vocab is now exposed  
> to JS.
>
> Best and thanks again,
>
> Nathan
>
> Ian Davis wrote:
>> Hi Nathan,
>> I implemented this header on http://productdb.org/ (since I had the
>> code open). Can someone comfirm that it does what's expected (i.e.
>> allows off-domain requesting of data from productdb.org)
>> One important thing to note. The PHP snippet you gave was slightly
>> wrong. The correct form is:
>> header("Access-Control-Allow-Origin: *");
>> Cheers,
>> Ian
>> On Sat, Oct 23, 2010 at 12:04 AM, Nathan <nathan@webr3.org> wrote:
>>> Hi All,
>>>
>>> Currently nearly all the web of linked data is blocked from access  
>>> via
>>> client side scripts (javascript) due to CORS [1] being implemented  
>>> in the
>>> major browsers.
>>>
>>> Whilst this is important for all data, there are many of you  
>>> reading this
>>> who have it in your power to expose huge chunks of the RDF on the  
>>> web to JS
>>> clients, if you manage any of the common ontologies or anything in  
>>> the LOD
>>> cloud diagram, please do take a few minutes from your day to  
>>> expose the
>>> single http header needed.
>>>
>>> Long story short, to allow js clients to access our "open" data we  
>>> need to
>>> add one small HTTP Response header which will allow HEAD/GET and  
>>> POST
>>> requests - the header is:
>>> Access-Control-Allow-Origin "*"
>>>
>>> This is both XMLHttpRequest (W3C) and XDomainRequest (Microsoft)  
>>> compatible
>>> and supported by all the major browser vendors.
>>>
>>> Instructions for common servers follow:
>>>
>>> If you're on Apache then you can send this header by simply adding  
>>> the
>>> following line to a .htaccess file in the dir you want to expose  
>>> (probably
>>> site-root):
>>> Header add Access-Control-Allow-Origin "*"
>>>
>>> For NGINX:
>>> add_header Access-Control-Allow-Origin "*";
>>> see: http://wiki.nginx.org/NginxHttpHeadersModule
>>>
>>> For IIS see:
>>> http://technet.microsoft.com/en-us/library/cc753133(WS.10).aspx
>>>
>>> In PHP you add the following line before any output has been sent  
>>> from the
>>> server with:
>>> header("Access-Control-Allow-Origin", "*");
>>>
>>> For anything else you'll need to check the relevant docs I'm afraid.
>>>
>>> Best & TIA,
>>>
>>> Nathan
>>>
>>> [1] http://dev.w3.org/2006/waf/access-control/
>>>
>>>
>
>
Received on Monday, 25 October 2010 13:46:21 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 31 March 2013 14:24:29 UTC