Re: Please allow JS access to Ontologies and LOD from Nathan on 2010-10-27 (semantic-web@w3.org from October 2010)

From: Nathan <nathan@webr3.org>
Date: Wed, 27 Oct 2010 21:38:34 +0100
To: Martin Hepp <martin.hepp@ebusiness-unibw.org>
CC: Ian Davis <lists@iandavis.com>, Linked Data community <public-lod@w3.org>, Semantic Web <semantic-web@w3.org>, foaf-protocols <foaf-protocols@lists.foaf-project.org>
Message-ID: <4CC88DCA.4010506@webr3.org>
Hi Martin,

A few people are considering setting up a network of JS accessible 
proxies which can be used to access the web of linked data from JS, 
however this isn't very HTTP friendly, could cost a lot bandwidth wise, 
and is more of an interim measure - thus trying to put pressure on to 
get as much linked data & ontologies JS accessible as possible before 
taking this route.

Best,

Nathan

Martin Hepp wrote:
> Hi Nathan:
> 
> Would it be an option that someone provides a service that resolves 
> purls to their current resource locations and adds the JS/CORS header 
> info to that service? I mean, one could use a service other than 
> purl.org to resolve a purl.org URI.
> 
> Something like cors4purl.org.
> 
> Whenever your JS encounters a http://purl/.*$ URI, you fetch 
> http://cors4purl.org/$1.
> 
> Not the most beautiful solution, but likely a clean, pragmatic way to 
> make the many purl.org-based vocabularies accessible for client-side 
> scripts.
> 
> Martin
> 
> On 27.10.2010, at 22:14, Nathan wrote:
> 
>> Hi Martin,
>>
>> Great work! sadly though purl.org currently doesn't allow JS/CORS 
>> access so it won't work :( this is true for everybody who use PURLz.
>>
>> see: 
>> http://groups.google.com/group/persistenturls/browse_thread/thread/d4c5d9880b4fb5fb 
>>
>>
>> for the request to add, please do add weight if you want them to make 
>> it so - note that this will allow the redirects to be JS/CORS 
>> compatible, it's still up to each end URI/domain to allow CORS support 
>> (as martin has done).
>>
>> Best,
>>
>> Nathan
>>
>> Martin Hepp wrote:
>>> Hi Nathan, all:
>>> I just fixed this for GoodRelations
>>>   http://purl.org/goodrelations/v1
>>> and the Vehicle Sales Ontology (VSO):
>>>  http://purl.org/vso/ns
>>> Best wishes
>>> Martin
>>> On 23.10.2010, at 03:28, Nathan wrote:
>>>> Hi Ian,
>>>>
>>>> Thanks, I can confirm the change has been successful :)
>>>>
>>>> However, one small note is that the conneg URIs such as 
>>>> http://productdb.org/gtin/00319980033520 do not expose the header, 
>>>> thus can't be used.
>>>>
>>>> In order to test yourself, simply do a curl -I request on the 
>>>> resource, for instance:
>>>>
>>>> curl -I http://productdb.org/gtin/00319980033520.rdf
>>>>
>>>> Also, I've just uploaded a small script which lets you enter a uri 
>>>> of an RDF/XML document, it'll try and pull it, parse it and display 
>>>> it as turtle for you - which is a good test of both CORS and the 
>>>> script ;)
>>>> http://webr3.org/apps/play/api/test
>>>>
>>>> FYI, Dan has also made the change so the FOAF vocab is now exposed 
>>>> to JS.
>>>>
>>>> Best and thanks again,
>>>>
>>>> Nathan
>>>>
>>>> Ian Davis wrote:
>>>>> Hi Nathan,
>>>>> I implemented this header on http://productdb.org/ (since I had the
>>>>> code open). Can someone comfirm that it does what's expected (i.e.
>>>>> allows off-domain requesting of data from productdb.org)
>>>>> One important thing to note. The PHP snippet you gave was slightly
>>>>> wrong. The correct form is:
>>>>> header("Access-Control-Allow-Origin: *");
>>>>> Cheers,
>>>>> Ian
>>>>> On Sat, Oct 23, 2010 at 12:04 AM, Nathan <nathan@webr3.org> wrote:
>>>>>> Hi All,
>>>>>>
>>>>>> Currently nearly all the web of linked data is blocked from access 
>>>>>> via
>>>>>> client side scripts (javascript) due to CORS [1] being implemented 
>>>>>> in the
>>>>>> major browsers.
>>>>>>
>>>>>> Whilst this is important for all data, there are many of you 
>>>>>> reading this
>>>>>> who have it in your power to expose huge chunks of the RDF on the 
>>>>>> web to JS
>>>>>> clients, if you manage any of the common ontologies or anything in 
>>>>>> the LOD
>>>>>> cloud diagram, please do take a few minutes from your day to 
>>>>>> expose the
>>>>>> single http header needed.
>>>>>>
>>>>>> Long story short, to allow js clients to access our "open" data we 
>>>>>> need to
>>>>>> add one small HTTP Response header which will allow HEAD/GET and POST
>>>>>> requests - the header is:
>>>>>> Access-Control-Allow-Origin "*"
>>>>>>
>>>>>> This is both XMLHttpRequest (W3C) and XDomainRequest (Microsoft) 
>>>>>> compatible
>>>>>> and supported by all the major browser vendors.
>>>>>>
>>>>>> Instructions for common servers follow:
>>>>>>
>>>>>> If you're on Apache then you can send this header by simply adding 
>>>>>> the
>>>>>> following line to a .htaccess file in the dir you want to expose 
>>>>>> (probably
>>>>>> site-root):
>>>>>> Header add Access-Control-Allow-Origin "*"
>>>>>>
>>>>>> For NGINX:
>>>>>> add_header Access-Control-Allow-Origin "*";
>>>>>> see: http://wiki.nginx.org/NginxHttpHeadersModule
>>>>>>
>>>>>> For IIS see:
>>>>>> http://technet.microsoft.com/en-us/library/cc753133(WS.10).aspx
>>>>>>
>>>>>> In PHP you add the following line before any output has been sent 
>>>>>> from the
>>>>>> server with:
>>>>>> header("Access-Control-Allow-Origin", "*");
>>>>>>
>>>>>> For anything else you'll need to check the relevant docs I'm afraid.
>>>>>>
>>>>>> Best & TIA,
>>>>>>
>>>>>> Nathan
>>>>>>
>>>>>> [1] http://dev.w3.org/2006/waf/access-control/
>>>>>>
>>>>>>
>>>>
>>>>
>>
>>
> 
> 
>
Received on Wednesday, 27 October 2010 20:39:40 UTC