Sie sind nicht angemeldet.

CORS implementation

jordi

Profi

  • »jordi« ist der Autor dieses Themas

Beiträge: 583

Wohnort: Barcelona

Beruf: creating ideas & coding them

  • Nachricht senden

1

Freitag, 30. Juni 2017, 13:09

CORS implementation

Hi, I've been reading about CORS in all threads of the forum and from outside, but can find a solution.

so I have domain1 where I hosts all the files (krpano, xml, images)

in htaccess from domain1 I should add :

Quellcode

 
1

Header set Access-Control-Allow-Origin "*"


then in domain2 I have a index.html

Quellcode

 
1
2
3
4
5
6
7
8
9

<script src="https://domain1.com/pano.js">
</script><div id="pano" style="width:100%;height:100%;"><script>
embedpano({  
    swf:"https://domain1.com/pano.swf", 
    xml:"https://domain1.com/pano.xml", 
    target:"pano"
});
</script>
</div>



and pano xml is :

Quellcode

 
1
2
3
4
5
6
7
8
9
10
11
12
13

<krpano>
<security cors="use-credentials" />	

<include url="skin/defaultskin.xml" />	

<view hlookat="0" vlookat="0" maxpixelzoom="1.0" fovmax="150" limitview="auto" />	
	<preview url="a.tiles/preview.jpg" />
	<image type="CUBE" multires="true" tilesize="512">		
      <level tiledimagewidth="640" tiledimageheight="640">			
      <cube url="a.tiles/%s/l1/%v/l1_%s_%v_%h.jpg" />		
     </level>	
 </image>
</krpano>


So on this situation from domain2, the index.html is able to load krpano and the first xml (pano.xml) but not the second xml (defaultskin.xml) neither the images of the pano.

Anyone knows what am I missing ?

I've already been testing many different htaccess options like add instead of set or always set, or different kind of methods...

Quellcode

 
1
2
3
4
5

Header add Access-Control-Max-Age 1728000
Header add Access-Control-Allow-Origin: http://domain1.com
Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
Header add Access-Control-Allow-Headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
Header add Access-Control-Allow-Credentials true


Quellcode

 
1
2
3
4
5

# Enable cross domain access control
SetEnvIf Origin "^http(s)?://(.+\.)?(domain1\.com|domain2\.net)$" REQUEST_ORIGIN=$0
Header always set Access-Control-Allow-Origin %{REQUEST_ORIGIN}e env=REQUEST_ORIGIN
Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE"
Header always set Access-Control-Allow-Headers: Authorization


But I guess is more a basic CORS concept that I miss.

thanks in advance
everpano.com step beyond 360

spacerywirtualne

Profi

Beiträge: 1 117

Wohnort: Poland, Europe

Beruf: krpano developer : virtual tours : the cms4vr owner

  • Nachricht senden

2

Samstag, 1. Juli 2017, 13:17

Have you try this?

...

<cube url="https://domain1.com/panos/a.tiles/%s/l1/%v/l1_%s_%v_%h.jpg" />

...

Best regards
Piotr
Your own professional, online cloud tool for creating virtual tours - www.cms4vr.com

facebook page :: youtube :: wiki.cms4vr.com

cms4vr team *thumbsup*

jordi

Profi

  • »jordi« ist der Autor dieses Themas

Beiträge: 583

Wohnort: Barcelona

Beruf: creating ideas & coding them

  • Nachricht senden

3

Montag, 3. Juli 2017, 08:54

Yes already try it, without succes.

What was easily working was to setup a bucket in aws s3... so I guess I know the way.

Thanks
everpano.com step beyond 360

martincarlin87

Anfänger

Beiträge: 17

  • Nachricht senden

4

Dienstag, 14. Juli 2020, 16:29

<security cors="use-credentials" />


fixed it for me - thanks! I haven't noticed this in the docs before.

Ähnliche Themen