Re: Access Control Allow Origin
Hi Tyler Sorry for a delay, I was off for the last few days, The change you did looks fine, the filter can check the annotations or can be configured directly (which is what you did). It might make sense to consider checking a (Java) properties resource as a possible future enhancement, as a CORS filter may have many properties, May be if a '-cors' is provided then check a well-known class resource where all of the cors properties are set, if it is absent - default to '*' otherwise work with Properties... The current approach works too, might be tricky to extend it to support more properties but great for a start Thanks, Sergey On 27/03/15 18:56, Tyler Palsulich wrote: Thank you, Sergey! I didn't know about that feature. I am going to try to work up a patch this weekend which enables CORS. I'll let you know if I run into any issues. Thanks again, Tyler On Thu, Mar 26, 2015 at 2:39 AM, Mattmann, Chris A (3980) chris.a.mattm...@jpl.nasa.gov wrote: ++ Chris Mattmann, Ph.D. Chief Architect Instrument Software and Science Data Systems Section (398) NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA Office: 168-519, Mailstop: 168-527 Email: chris.a.mattm...@nasa.gov WWW: http://sunset.usc.edu/~mattmann/ ++ Adjunct Associate Professor, Computer Science Department University of Southern California, Los Angeles, CA 90089 USA ++ -Original Message- From: Tyler Palsulich tpalsul...@gmail.com Reply-To: dev@tika.apache.org dev@tika.apache.org Date: Tuesday, March 24, 2015 at 3:41 PM To: dev@tika.apache.org dev@tika.apache.org Subject: Access Control Allow Origin Hi Folks, I took a stab at creating an example website to submit a file to the form resource of our VM. See http://tpalsulich.github.io/TikaExamples/. If I try to use AJAX to submit the request to make the page prettier (see the script in the head of the page (with ev.preventDefault() commented out), I get the following error: XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://tpalsulich.github.io' is therefore not allowed access. The response had HTTP status code 400. We can't allow the tika-server response header to accept * in general, since that isn't secure. So, would there be interest in including this sort of site on the VM? Then, the AJAX request won't be external and we won't have this error. The version button just takes you to the version resource on the VM (doesn't do anything with the file). Tyler
Re: Access Control Allow Origin
Thank you for the feedback! I think there's an issue (don't remember the number) to be able to specify a TikaConfig file for tika-server. So, I think that would be the ideal place to put more complex CORS configuration. Tyler On Wed, Apr 1, 2015 at 6:02 AM, Sergey Beryozkin sberyoz...@gmail.com wrote: Hi Tyler Sorry for a delay, I was off for the last few days, The change you did looks fine, the filter can check the annotations or can be configured directly (which is what you did). It might make sense to consider checking a (Java) properties resource as a possible future enhancement, as a CORS filter may have many properties, May be if a '-cors' is provided then check a well-known class resource where all of the cors properties are set, if it is absent - default to '*' otherwise work with Properties... The current approach works too, might be tricky to extend it to support more properties but great for a start Thanks, Sergey On 27/03/15 18:56, Tyler Palsulich wrote: Thank you, Sergey! I didn't know about that feature. I am going to try to work up a patch this weekend which enables CORS. I'll let you know if I run into any issues. Thanks again, Tyler On Thu, Mar 26, 2015 at 2:39 AM, Mattmann, Chris A (3980) chris.a.mattm...@jpl.nasa.gov wrote: ++ Chris Mattmann, Ph.D. Chief Architect Instrument Software and Science Data Systems Section (398) NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA Office: 168-519, Mailstop: 168-527 Email: chris.a.mattm...@nasa.gov WWW: http://sunset.usc.edu/~mattmann/ ++ Adjunct Associate Professor, Computer Science Department University of Southern California, Los Angeles, CA 90089 USA ++ -Original Message- From: Tyler Palsulich tpalsul...@gmail.com Reply-To: dev@tika.apache.org dev@tika.apache.org Date: Tuesday, March 24, 2015 at 3:41 PM To: dev@tika.apache.org dev@tika.apache.org Subject: Access Control Allow Origin Hi Folks, I took a stab at creating an example website to submit a file to the form resource of our VM. See http://tpalsulich.github.io/TikaExamples/. If I try to use AJAX to submit the request to make the page prettier (see the script in the head of the page (with ev.preventDefault() commented out), I get the following error: XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://tpalsulich.github.io' is therefore not allowed access. The response had HTTP status code 400. We can't allow the tika-server response header to accept * in general, since that isn't secure. So, would there be interest in including this sort of site on the VM? Then, the AJAX request won't be external and we won't have this error. The version button just takes you to the version resource on the VM (doesn't do anything with the file). Tyler
Re: Access Control Allow Origin
I'll change the option to -C right now. Just looked closer -- TIKA-1426 is to provide a config for the server and app on the command line. Tyler On Wed, Apr 1, 2015 at 11:22 AM, Allison, Timothy B. talli...@mitre.org wrote: Might be thinking of TIKA-944? Mind if we switch the CORS short option to -C and use -c for the tika config file? -Original Message- From: Tyler Palsulich [mailto:tpalsul...@gmail.com] Sent: Wednesday, April 01, 2015 11:13 AM To: dev@tika.apache.org Subject: Re: Access Control Allow Origin Thank you for the feedback! I think there's an issue (don't remember the number) to be able to specify a TikaConfig file for tika-server. So, I think that would be the ideal place to put more complex CORS configuration. Tyler On Wed, Apr 1, 2015 at 6:02 AM, Sergey Beryozkin sberyoz...@gmail.com wrote: Hi Tyler Sorry for a delay, I was off for the last few days, The change you did looks fine, the filter can check the annotations or can be configured directly (which is what you did). It might make sense to consider checking a (Java) properties resource as a possible future enhancement, as a CORS filter may have many properties, May be if a '-cors' is provided then check a well-known class resource where all of the cors properties are set, if it is absent - default to '*' otherwise work with Properties... The current approach works too, might be tricky to extend it to support more properties but great for a start Thanks, Sergey On 27/03/15 18:56, Tyler Palsulich wrote: Thank you, Sergey! I didn't know about that feature. I am going to try to work up a patch this weekend which enables CORS. I'll let you know if I run into any issues. Thanks again, Tyler On Thu, Mar 26, 2015 at 2:39 AM, Mattmann, Chris A (3980) chris.a.mattm...@jpl.nasa.gov wrote: ++ Chris Mattmann, Ph.D. Chief Architect Instrument Software and Science Data Systems Section (398) NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA Office: 168-519, Mailstop: 168-527 Email: chris.a.mattm...@nasa.gov WWW: http://sunset.usc.edu/~mattmann/ ++ Adjunct Associate Professor, Computer Science Department University of Southern California, Los Angeles, CA 90089 USA ++ -Original Message- From: Tyler Palsulich tpalsul...@gmail.com Reply-To: dev@tika.apache.org dev@tika.apache.org Date: Tuesday, March 24, 2015 at 3:41 PM To: dev@tika.apache.org dev@tika.apache.org Subject: Access Control Allow Origin Hi Folks, I took a stab at creating an example website to submit a file to the form resource of our VM. See http://tpalsulich.github.io/TikaExamples/. If I try to use AJAX to submit the request to make the page prettier (see the script in the head of the page (with ev.preventDefault() commented out), I get the following error: XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://tpalsulich.github.io' is therefore not allowed access. The response had HTTP status code 400. We can't allow the tika-server response header to accept * in general, since that isn't secure. So, would there be interest in including this sort of site on the VM? Then, the AJAX request won't be external and we won't have this error. The version button just takes you to the version resource on the VM (doesn't do anything with the file). Tyler
RE: Access Control Allow Origin
Might be thinking of TIKA-944? Mind if we switch the CORS short option to -C and use -c for the tika config file? -Original Message- From: Tyler Palsulich [mailto:tpalsul...@gmail.com] Sent: Wednesday, April 01, 2015 11:13 AM To: dev@tika.apache.org Subject: Re: Access Control Allow Origin Thank you for the feedback! I think there's an issue (don't remember the number) to be able to specify a TikaConfig file for tika-server. So, I think that would be the ideal place to put more complex CORS configuration. Tyler On Wed, Apr 1, 2015 at 6:02 AM, Sergey Beryozkin sberyoz...@gmail.com wrote: Hi Tyler Sorry for a delay, I was off for the last few days, The change you did looks fine, the filter can check the annotations or can be configured directly (which is what you did). It might make sense to consider checking a (Java) properties resource as a possible future enhancement, as a CORS filter may have many properties, May be if a '-cors' is provided then check a well-known class resource where all of the cors properties are set, if it is absent - default to '*' otherwise work with Properties... The current approach works too, might be tricky to extend it to support more properties but great for a start Thanks, Sergey On 27/03/15 18:56, Tyler Palsulich wrote: Thank you, Sergey! I didn't know about that feature. I am going to try to work up a patch this weekend which enables CORS. I'll let you know if I run into any issues. Thanks again, Tyler On Thu, Mar 26, 2015 at 2:39 AM, Mattmann, Chris A (3980) chris.a.mattm...@jpl.nasa.gov wrote: ++ Chris Mattmann, Ph.D. Chief Architect Instrument Software and Science Data Systems Section (398) NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA Office: 168-519, Mailstop: 168-527 Email: chris.a.mattm...@nasa.gov WWW: http://sunset.usc.edu/~mattmann/ ++ Adjunct Associate Professor, Computer Science Department University of Southern California, Los Angeles, CA 90089 USA ++ -Original Message- From: Tyler Palsulich tpalsul...@gmail.com Reply-To: dev@tika.apache.org dev@tika.apache.org Date: Tuesday, March 24, 2015 at 3:41 PM To: dev@tika.apache.org dev@tika.apache.org Subject: Access Control Allow Origin Hi Folks, I took a stab at creating an example website to submit a file to the form resource of our VM. See http://tpalsulich.github.io/TikaExamples/. If I try to use AJAX to submit the request to make the page prettier (see the script in the head of the page (with ev.preventDefault() commented out), I get the following error: XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://tpalsulich.github.io' is therefore not allowed access. The response had HTTP status code 400. We can't allow the tika-server response header to accept * in general, since that isn't secure. So, would there be interest in including this sort of site on the VM? Then, the AJAX request won't be external and we won't have this error. The version button just takes you to the version resource on the VM (doesn't do anything with the file). Tyler
Re: Access Control Allow Origin
Thank you, Sergey! I didn't know about that feature. I am going to try to work up a patch this weekend which enables CORS. I'll let you know if I run into any issues. Thanks again, Tyler On Thu, Mar 26, 2015 at 2:39 AM, Mattmann, Chris A (3980) chris.a.mattm...@jpl.nasa.gov wrote: ++ Chris Mattmann, Ph.D. Chief Architect Instrument Software and Science Data Systems Section (398) NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA Office: 168-519, Mailstop: 168-527 Email: chris.a.mattm...@nasa.gov WWW: http://sunset.usc.edu/~mattmann/ ++ Adjunct Associate Professor, Computer Science Department University of Southern California, Los Angeles, CA 90089 USA ++ -Original Message- From: Tyler Palsulich tpalsul...@gmail.com Reply-To: dev@tika.apache.org dev@tika.apache.org Date: Tuesday, March 24, 2015 at 3:41 PM To: dev@tika.apache.org dev@tika.apache.org Subject: Access Control Allow Origin Hi Folks, I took a stab at creating an example website to submit a file to the form resource of our VM. See http://tpalsulich.github.io/TikaExamples/. If I try to use AJAX to submit the request to make the page prettier (see the script in the head of the page (with ev.preventDefault() commented out), I get the following error: XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://tpalsulich.github.io' is therefore not allowed access. The response had HTTP status code 400. We can't allow the tika-server response header to accept * in general, since that isn't secure. So, would there be interest in including this sort of site on the VM? Then, the AJAX request won't be external and we won't have this error. The version button just takes you to the version resource on the VM (doesn't do anything with the file). Tyler
Re: Access Control Allow Origin
++ Chris Mattmann, Ph.D. Chief Architect Instrument Software and Science Data Systems Section (398) NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA Office: 168-519, Mailstop: 168-527 Email: chris.a.mattm...@nasa.gov WWW: http://sunset.usc.edu/~mattmann/ ++ Adjunct Associate Professor, Computer Science Department University of Southern California, Los Angeles, CA 90089 USA ++ -Original Message- From: Tyler Palsulich tpalsul...@gmail.com Reply-To: dev@tika.apache.org dev@tika.apache.org Date: Tuesday, March 24, 2015 at 3:41 PM To: dev@tika.apache.org dev@tika.apache.org Subject: Access Control Allow Origin Hi Folks, I took a stab at creating an example website to submit a file to the form resource of our VM. See http://tpalsulich.github.io/TikaExamples/. If I try to use AJAX to submit the request to make the page prettier (see the script in the head of the page (with ev.preventDefault() commented out), I get the following error: XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://tpalsulich.github.io' is therefore not allowed access. The response had HTTP status code 400. We can't allow the tika-server response header to accept * in general, since that isn't secure. So, would there be interest in including this sort of site on the VM? Then, the AJAX request won't be external and we won't have this error. The version button just takes you to the version resource on the VM (doesn't do anything with the file). Tyler
