- From: Ian Davis <lists@iandavis.com>
- Date: Sat, 23 Oct 2010 02:10:47 +0100
- To: nathan@webr3.org
- Cc: Linked Data community <public-lod@w3.org>, Semantic Web <semantic-web@w3.org>, foaf-protocols <foaf-protocols@lists.foaf-project.org>
Hi Nathan, I implemented this header on http://productdb.org/ (since I had the code open). Can someone comfirm that it does what's expected (i.e. allows off-domain requesting of data from productdb.org) One important thing to note. The PHP snippet you gave was slightly wrong. The correct form is: header("Access-Control-Allow-Origin: *"); Cheers, Ian On Sat, Oct 23, 2010 at 12:04 AM, Nathan <nathan@webr3.org> wrote: > Hi All, > > Currently nearly all the web of linked data is blocked from access via > client side scripts (javascript) due to CORS [1] being implemented in the > major browsers. > > Whilst this is important for all data, there are many of you reading this > who have it in your power to expose huge chunks of the RDF on the web to JS > clients, if you manage any of the common ontologies or anything in the LOD > cloud diagram, please do take a few minutes from your day to expose the > single http header needed. > > Long story short, to allow js clients to access our "open" data we need to > add one small HTTP Response header which will allow HEAD/GET and POST > requests - the header is: > Access-Control-Allow-Origin "*" > > This is both XMLHttpRequest (W3C) and XDomainRequest (Microsoft) compatible > and supported by all the major browser vendors. > > Instructions for common servers follow: > > If you're on Apache then you can send this header by simply adding the > following line to a .htaccess file in the dir you want to expose (probably > site-root): > Header add Access-Control-Allow-Origin "*" > > For NGINX: > add_header Access-Control-Allow-Origin "*"; > see: http://wiki.nginx.org/NginxHttpHeadersModule > > For IIS see: > http://technet.microsoft.com/en-us/library/cc753133(WS.10).aspx > > In PHP you add the following line before any output has been sent from the > server with: > header("Access-Control-Allow-Origin", "*"); > > For anything else you'll need to check the relevant docs I'm afraid. > > Best & TIA, > > Nathan > > [1] http://dev.w3.org/2006/waf/access-control/ > >
Received on Saturday, 23 October 2010 01:11:24 UTC