David Pilcher created an issue |
Issue Type: |
Bug |
---|---|
Affects Versions: |
2.5-RC2 |
Assignee: |
|
Created: |
14/Mar/14 8:19 AM |
Environment: |
Win32/Geoserver all/Chrome browser |
Priority: |
Minor |
Reporter: |
We have an app hosted on IIS:localhost:80 that pulls data in from Geoserver:localhost:8080 using the GWC WMS GetCapabilties in GeoServer. This call works fine in IE and Firefox if we place some cross-site scripting files in the root of jetty (crossdomain.xml/clientaccesspolicy.xml). However for Chrome the only way a website can call another website and they request work is if that site (Geoserver) sets response headers to include the “Access-Control-Allow-Origin” HTTP header to tell Chrome the cross-site call is ok. Newer jetty versions include the Cross_Origin_Filter servlet to enable this to be configured but we cannot work out a way with the very old jetty 6.1.8 to do this. Would be useful to upgrade jetty to a newer version in a future release. |
This message was sent by Atlassian JIRA (v6.1.6#6162-sha1:7af547c) |