I have a vectorLayer with WFS protocol, and BBOX strategy. Which loads initially the data as it should.
But if i drag the map the geoserver log just say: {curr date} INFO [geoserver.wfs] - Request: getServiceInfo instead of getFeature (like it does during the initial request).
My problem is that on the map nothing happens. If I set a "refresh" eventHandler on the layer, it won't fire...
Do I have to refresh the map/layer somewhere else?
var map;
function init(){
..
map = new OpenLayers.Map('map', options);
var gsat = new OpenLayers.Layer.Google(...);
map.addLayer(gsat);
var lonlat = new OpenLayers.LonLat(...);
map.setCenter(lonlat, 18);
loadLayer();
..
}
function loadLayer(){
loadLayerFunc();
...
}
function loadLayerFunc(){
var wfsLayer = loadLayerFunc();
wfsLayer.events.on({...});
map.addLayer(wfsLayer);
...
}
function loadLayerFunc(){
var bboxStrategy = new OpenLayers.Strategy.BBOX({ratio: 0.8});
wfsLayer = new OpenLayers.Layer.Vector("wfsLayer", {
strategies: [bboxStrategy],
protocol: new OpenLayers.Protocol.WFS({
version: "1.1.0",
srsName: "EPSG:4326",
url: wfs_url,
featureType: "positions_test",
featurePrefix: "feature",
geometryName: "the_geom",
schema: "http://localhost:8080/geoserver/wfs?request=DescribeFeatureType&service=WFS&typeName=ws:positions",
maxFeatures: 1000
}),
projection: geoProjection
});
return wfsLayer;
}
If i run the same script on another server, firefox webconsole tells me already at the initial request "Unable to display responses of type (null)".....?
It doesn't even show anything, although i just changed the url.
EDIT: the null response seem to be caused by the tomcat apache server without proxy configuration. Is possible to run it without proxy, if the js files are in the similar apache folder like on geoserver? Finally i need to run it on the tomcat.
Is "proxy.cgi file not well formed" error better than null response? I would like to solve it without a proxy if possible, but it looks like that including the proxy brings me closer to where i want.
your WFS endpoint (GeoServer) should be located relative to your page otherwise the same origin policy kicks in.
You could try fixing it using apache and mod_proxy or mod_jk. With those libraries you can mount geoserver, as deployed in tomcat, relative to your application.
If this is not possible with your application, you should use the supplied proxy script.
And yes, geoserver displays getServiceInfo when making WFS requests in its log files. I noticed the same behaviour with geoserver 2.1.1
Related
I fetched an item from my Firebase storage bucket via this technique (generally):
const url = await firebase.storage().ref('my/ref').getDownloadURL();
const filename = 'filename.ext';
const a = document.getElementById('link');
a.href = url;
a.download = filename;
a.click();
I did it the above way prior to trying the example from the docs:
storageRef.child('images/stars.jpg').getDownloadURL().then(function(url) {
// `url` is the download URL for 'images/stars.jpg'
// This can be downloaded directly:
var xhr = new XMLHttpRequest();
xhr.responseType = 'blob';
xhr.onload = function(event) {
var blob = xhr.response;
};
xhr.open('GET', url);
xhr.send();
});
When trying it this way, I hit the CORS error. After adding the CORS config to my bucket, it then worked as expected. However, I cannot determine why I was able to successfully fetch it via the first technique prior to configuring CORS.
I tested it again by removing the GET method from my CORS config and uploading the config file again via gsutil. I was still able to successfully obtain the file via the first technique described above.
If this is possible to do without configuring CORS, how can I prevent it to restrict access? Odds are no one will be able to figure out the required ref to build the link, anyways, because the actual ref has multiple unique IDs that will be all but impossible to figure out. This is mainly a question out of curiosity.
I cannot determine why I was able to successfully fetch it via the first technique prior to configuring CORS.
Because same-origin policy doesn't apply when the Javascript can't access the data. In your first example, the JS tweaks the document and the document accesses the data. In the second example, the JS accesses the cross-origin data, and the absence of CORS prevents such access.
If this is possible to do without configuring CORS, how can I prevent it to restrict access?
CORS isn't designed to restrict access. (Wait, what?) CORS is designed to permit access that would otherwise be assumed to be something the user would not want -- for scripts on one page to have access to data from another origin, including, potentially, handing over use of the user's credentials to scripts on the current page when accessing the foreign site. CORS allows site B to tell the browser that it expects to be contacted by scripts from site A, and therefore such access should not be unexpected or assumed unauthorized. It has no impact on requests that don't fall under the same origin policy.
The solution -- and I apologize if I am stating the patently obvious -- is that getDownloadUrl() should not be able to fetch a usable URL for the object, if the object should not in fact be accessible. You can't trust code running on the browser, so whatever credentials are in play here should not be able to be used in this way, if the object is not intended to be accessible... otherwise you have a misconfiguration that is allowing access that should not be allowed.
I am trying to use SockJS from my Meteor to connect to another service but I can't get a reference to SockJS within meteor client or server. Does anyone have a good example of using SockJS to connect to other service or streaming API's from Meteor?
I have tried to accomplish this two ways but 'socket' is always undefined:
var socket = sockjs.createServer({ sockjs_url: 'http://api.hitbtc.com:8081' });
socket.onmessage = function(msg) {
var data = JSON.parse(msg.data);
console.log("CONNECTED!!" + data)
};
var socket = new SockJS('http://api.hitbtc.com:8081');
socket.onmessage = function(msg) {
var data = JSON.parse(msg.data);
console.log("CONNECTED!!" + data)
};
Even though SockJS is used by the Meteor itself it's hidden deeply inside the ddp package and it's not really exposed to the users. So basically, you have two options here:
You can either put another copy of SockJS into your app, ...
... or you can teach your custom server to understand DDP protocol, then you will be able to use DDP.connect to establish a new connection.
The second solution does not make sense of course if you are using 3rd party service. The first solution feels ugly because of the data redundancy, but I am afraid it's the only way out if 2. is not acceptable.
In the server:
execute Npm.require('./') and observe the path informed in the error, from it you can point to the packages from the depths of Meteor, in the case of SockJS the path (in version 1.10.2 of Meteor) is:
Npm.require('./meteor/ddp-server/node_modules/sockjs');
In the specific case of Sockjs, its use is slightly different from that presented on the Github page, as follows:
const sockjs = Npm.require('./meteor/ddp-server/node_modules/sockjs');
const echo = sockjs.listen(WebApp.httpServer, {prefix: '/echo'});
echo.on('connection', function(conn) {
conn.on ('data', function(message) {
conn.write(message);
});
conn.on('close', function(){});
});
I didn't find the sockjs "client" package in these files, because the sockjs-client package is specific to the browser. So I downloaded from the CDN that the "echo" output provided, I use "--exclude-archs web.browser.legacy" in my test environment, but from what I read out there the sockjs-client package is available if you don't use it this parameter.
Sockjs relies on "faye-websocket" which has both a client and a websocket server designed to run on NodeJs, here is the suggestion.
Ps: I didn't find an equivalent form on the client side (there is no Npm.require)
Using Iron Router I can add a route such as /index returns "INDEX CONTENT" from the server:
this.route('index', {
path: '/',
where: 'server',
action: function () {
this.response.end("INDEX CONTENT");
}
});
The default behaviour for a Meteor app is to return a boilerplate HTML file on the initial request to the server which contains the js/css etc required to run the web app.
What I would like to do, however, is place a string (ie "INDEX CONTENT" as above) within the boilerplate which would normally be returned by default if I hadn't added the route. To do this, I'd need to be able to modify a boilerplate response before it is sent to the client but after it is constructed by the standard meteor response mechanism.
Can anyone recommend a way to be able to do this?
You could try the inject-initial meteorite package.
From the docs:
Inject.rawModHtml(id, func). At injection time, calls func(html, res) with the full page HTML which it expects to be returned, in full, after modification. res is the current http connection response request.
I think you would use it like this.
Inject.rawModHtml('breakEverything', function(html) {
return "INDEX CONTENT";
});
i'm working with Pentaho Data Integration and i need a step which gives me a response header of a http request. What i would really need is an implementatione of the HEAD Method of a http call because i have to see the last-modified field of a resorce on internet. I tried using the REST Client step but it doesn't work. So i would like to write a script that makes everything i need.
I actually created a Modified Java Script Value and i put this code inside:
var req = new XMLHttpRequest();
req.open('GET', 'URL', false);
req.send(null);
var headers = req.getAllResponseHeaders().toLowerCase();
When i run it it doesn't gives me any error but there's anything in "headers".
Any suggestions? I would appreciate a different solution to
If the URL you're requesting is on a different domain then I can tell you that the server is not sending the correct headers to allow cross-domain resource sharing.
Access-Control-Allow-Origin: *
Without the server sending that header the only way to access any of the response (including headers) is if your script is running on the same domain (and protocol) or if you setup a proxy on your own server to get the data from the remote server.
If I open up the JS console on this page and run:
var req = new XMLHttpRequest();
req.open('GET', 'http://dati.toscana.it/it/storage/f/2012-07-26T160139/intoscana-arte-e-cultura.csv', false);
req.send(null);
console.log(req.getAllResponseHeaders());
I get the following output:
XMLHttpRequest cannot load http://dati.toscana.it/it/storage/f/2012-07-26T160139/intoscana-arte-e-cultura.csv. Origin http://stackoverflow.com is not allowed by Access-Control-Allow-Origin.
NetworkError: A network error occurred.
But if i put an alert in the end:
var req = new XMLHttpRequest();
req.open('GET', 'http://dati.toscana.it/it/storage/f/2012-07-26T160139/intoscana-arte-e-cultura.csv', false);
req.send(null);
var headers = req.getAllResponseHeaders().toLowerCase();
alert(headers);
it gives me the response.
It gives me this too:
Error: Failure
req.send(null);
I'm using Firebug.
I had a similar problem. In my case was to detect a redirection, something that could happens in services that uses third part storage (like Amazon S3). First time I tried with XMLHttpRequest but apparently that is not implemented in the JavaScript available in Kettle, just in browsers. To workaround this, I follow the instructions from http://type-exit.org/adventures-with-open-source-bi/2010/06/using-java-in-pentaho-kettle/ to reference another Java Class, mentioned in http://www.mkyong.com/java/how-to-get-http-response-header-in-java/, inside a Modified Javascript Value Step. The limitation is that you need to do a primary request to get the header, it is not a "just one request" solution.
//Get the location of a link that has a 301 permanent redirection
var pathurl=documentourl; //URL to lookup. It must be a valid address, otherwise will give error
var location; //final location in case of redirect
//fake import of the Java Classes
var HTTPRequest=javax.servlet.http.HttpServletRequest;
var url=java.net.URL;
//open a url connection
var conn= new url(pathurl).openConnection();
//if you yant to watch all the headers uncomment the following lines
//var headerobj= conn.getHeaderFields();
var status=conn.getResponseCode(); //get status code
if (status == 301){ //ie: permanent redirection
location=conn.getHeaderField("Location");
}
else{
//return the same url
location=pathurl;
}
I hope it helps to anyone with this problem!
I have a flash video player which requests a flv file from a central server. That server might redirect the request to a server from the user's country if possible, a lot like a CDN.
This video player also reports usage stats. One thing I'd like to report is the true server/location from which the player is streaming the video from. So basically, if it gets redirected I want to know about it.
It seems that you can't extract the url from a URLLoader, you can only keep a copy of the URLRequest that you constructed it with.
I notice that you can listen for HTTP status events, which would include a 302 or similar. But unfortunately, the HTTPStatusEvent object doesn't show the redirected location.
Any ideas about how to monitor for a redirect, and get the redirected location?
I'm a bit surprised Flash allows you to redirect a video request at all. I did a bit of digging and it looks like you can get the info:
Handling Crossdomain.xml and 302 Redirects Using NetStream
His post specifically talks about the trouble of security issues that arise because of the fact some operations fail if data is from an untrusted server. Since he doesn't know where his video is coming from (302 redirect) the Flash Player doesn't trust it and prevents some operations on the loaded content.
How he gets the server the content was actually loaded from is to do an operation on the file that should not be allowed and he parses the domain information from the error message:
try
{
var bit:BitmapData = new BitmapData(progressiveVideoPlayer.measuredWidth, progressiveVideoPlayer.measuredHeight, false, 0x000000);
bit.draw(progressiveVideoPlayer);
}
catch(error:SecurityError)
{
var list:Array = error.toString().split(" ");
var swfURL:String = list[7] as String;
var domain:String = list[10] as String;
domain = domain.substring(0, domain.length - 1);
var domainList:Array = domain.split("/");
var protocol:String = domainList[0] as String;
var address:String = domainList[2];
var policyFileURL:String = protocol + "//" + address + "/crossdomain.xml";
Security.loadPolicyFile(policyFileURL);
}
Notice he is doing it so that he can load the policy file (to allow the security restricted operations on the file). I'm not sure it will be helpful to you but at least read the article and have a think about it. You may contact the blog author directly too - he is pretty active in the general Flash community.