Problems encountered:
A recent map development based on cesium for 3D models has encountered GeoServer cross-domain issues after accessing its own published WMS service.
When invoking this WMS service, the browser (I use Chrome) developer Tool Error:
The console prompts are as follows:
Font from Origin ' http://xxxxxxxxxxxxx ' have been blocked from loading by cross-origin Resource sharing Policy:no ' access- Control-allow-origin ' header is present on the requested resource. Origin ' http://localhost ' is therefore not allowed access.
This is because the server side does not allow cross-domain access caused by problems.
Solution:
1, download the official Cors compressed package, extract two jar packages, two jar package files into the GeoServer directory in the Web container's class Library folder.
2. Open the XML configuration file in the Web container under the GeoServer directory.
3. Add filter code and filter routing code.
4, restart the geoserver.
PS: If maven exists in the directory, you need to add a dependency tag in pom.xml.
PSS: In order to serve everyone, I made a compression package
PSSS: After I test, this cross-domain access method can be applied to most servers, not limited to GeoServer
CORS (cross-domain resource sharing) Small classroom:
Cors requires both browser and server support. Currently, all browsers support this feature (ie cannot be less than IE10).
The entire cors communication process is done automatically by the browser and does not require user involvement. Once the browser discovers that the request crosses the source, it will automatically add some additional header information, but the user will not feel it.
Therefore, the key to achieving cors communication is the server . As long as the server implements the Cors interface, it can communicate across the source.
Request Flow:
1. When you send any request, the browser merges the Cors request into the HTTP request. Specifically, in the header information, add a Origin
field.
2, the above header information, the Origin
field is used to explain, this request from which source (protocol + domain + port). Based on this value, the server decides whether to agree to this request.
3. If Origin
the specified source is not within the scope of the license, the server will return a normal HTTP response.
4.1, the browser found that the header information of this response does not contain the Access-Control-Allow-Origin
field, it is known that the error, thus throwing an error, is XMLHttpRequest
captured by the onerror
callback function.
4.2. If the Origin
specified domain name is within the permitted range, the response returned by the server will have more than a few header information fields.
5, the most important of which is access-control-allow-origin this field, this field specifies the domain that can get this resource, if the header information has this field, this field and the client browser should be the same domain.
GeoServer2.90 Server cross-domain settings based on the Cesium1.26 map API