- From: Nathan <nathan@webr3.org>
- Date: Wed, 27 Oct 2010 22:31:19 +0100
- To: Hugh Glaser <hg@ecs.soton.ac.uk>
- CC: Ian Davis <lists@iandavis.com>, Linked Data community <public-lod@w3.org>, Semantic Web <semantic-web@w3.org>, foaf-protocols <foaf-protocols@lists.foaf-project.org>
Cheers Hugh, Actually IIRC having two of them (well "*,*" is a problem - do see: http://httpd.apache.org/docs/2.0/mod/mod_headers.html For full details, short version is: "The directives provided by mod_headers can occur almost anywhere within the server configuration. They are valid in the main server config and virtual host sections, inside <Directory>, <Location> and <Files> sections, and within .htaccess files." Best, Nathan Hugh Glaser wrote: > Great stuff - thanks for the advice. > Done for sameas.org and *.rkbexplorer.com > > However, did it via .htaccess, and would prefer to do it in > /etc/httpd/http.conf, not least because the vhosts seems to make it end up > with two of them (which I assume is not illegal?) > Can anyone tell me the http.conf line that does the same thing, to help a > lazy citizen :-) > > Cheers > > On 23/10/2010 02:28, "Nathan" <nathan@webr3.org> wrote: > >> Hi Ian, >> >> Thanks, I can confirm the change has been successful :) >> >> However, one small note is that the conneg URIs such as >> http://productdb.org/gtin/00319980033520 do not expose the header, thus >> can't be used. >> >> In order to test yourself, simply do a curl -I request on the resource, >> for instance: >> >> curl -I http://productdb.org/gtin/00319980033520.rdf >> >> Also, I've just uploaded a small script which lets you enter a uri of an >> RDF/XML document, it'll try and pull it, parse it and display it as >> turtle for you - which is a good test of both CORS and the script ;) >> http://webr3.org/apps/play/api/test >> >> FYI, Dan has also made the change so the FOAF vocab is now exposed to JS. >> >> Best and thanks again, >> >> Nathan >> >> Ian Davis wrote: >>> Hi Nathan, >>> >>> I implemented this header on http://productdb.org/ (since I had the >>> code open). Can someone comfirm that it does what's expected (i.e. >>> allows off-domain requesting of data from productdb.org) >>> >>> One important thing to note. The PHP snippet you gave was slightly >>> wrong. The correct form is: >>> >>> header("Access-Control-Allow-Origin: *"); >>> >>> Cheers, >>> >>> Ian >>> >>> >>> On Sat, Oct 23, 2010 at 12:04 AM, Nathan <nathan@webr3.org> wrote: >>>> Hi All, >>>> >>>> Currently nearly all the web of linked data is blocked from access via >>>> client side scripts (javascript) due to CORS [1] being implemented in >>>> the >>>> major browsers. >>>> >>>> Whilst this is important for all data, there are many of you reading >>>> this >>>> who have it in your power to expose huge chunks of the RDF on the web >>>> to JS >>>> clients, if you manage any of the common ontologies or anything in the >>>> LOD >>>> cloud diagram, please do take a few minutes from your day to expose the >>>> single http header needed. >>>> >>>> Long story short, to allow js clients to access our "open" data we >>>> need to >>>> add one small HTTP Response header which will allow HEAD/GET and POST >>>> requests - the header is: >>>> Access-Control-Allow-Origin "*" >>>> >>>> This is both XMLHttpRequest (W3C) and XDomainRequest (Microsoft) >>>> compatible >>>> and supported by all the major browser vendors. >>>> >>>> Instructions for common servers follow: >>>> >>>> If you're on Apache then you can send this header by simply adding the >>>> following line to a .htaccess file in the dir you want to expose >>>> (probably >>>> site-root): >>>> Header add Access-Control-Allow-Origin "*" >>>> >>>> For NGINX: >>>> add_header Access-Control-Allow-Origin "*"; >>>> see: http://wiki.nginx.org/NginxHttpHeadersModule >>>> >>>> For IIS see: >>>> http://technet.microsoft.com/en-us/library/cc753133(WS.10).aspx >>>> >>>> In PHP you add the following line before any output has been sent from >>>> the >>>> server with: >>>> header("Access-Control-Allow-Origin", "*"); >>>> >>>> For anything else you'll need to check the relevant docs I'm afraid. >>>> >>>> Best & TIA, >>>> >>>> Nathan >>>> >>>> [1] http://dev.w3.org/2006/waf/access-control/ >>>> >>>> >>> >> > > >
Received on Wednesday, 27 October 2010 21:32:21 UTC