• 0

I think I'm fighting the Same Origin Policy

Asked by Shadrack,

 Share

Question

Grand Master

Shadrack

Posted
Posted

Hi!

About 10 years ago I basically LIVED in this forum. Now I'm returning to web development for a small project of porting my application that I've written in LabVIEW to be used over the web. The fact that I am using LabVIEW isn't really important. What is important is that my LabVIEW application is running a REST service on my port 8080, and I'm trying to consume that service using some Jquery in an html page running on IIS on port 80.

The service I'm using to get things going is a simple adding service that takes the form:

http://localhost:808...:input1/:input2

Where the output is the summation of the two inputs. So for example if I were to do a GET request for http://localhost:8080/add/1/2 the return would look like:

<Response>
<Terminal>
<Name>Output</Name>
<Value>3.000000</Value>
</Terminal>
</Response>

I can't even get this basic checkout to work:

	   	 $.ajax({
				type: "GET",
				url: "http://localhost:8080/add/1/2",
				success: function(data){		
					alert(data);
				}
			});

Doing some searching reveals that I'm up against the old "Same Origin Policy" because my script is being accessed through port 80 (where IIS lives) and is trying to place a call to port 8080 (where my web service lives).

So many friggen solutions out there! But I'm having trouble getting any of them to work. It would be great if my alert box would popup and give me the correct response. I think that some kind of reverse proxy might be a good solution, but the manner of setting that up in IIS 7 on Windows 7 Pro isn't sitting well (I'm thinking of switching to Apache just because it does this more gracefully I think).

Ultimately I do not think a reverse proxy will work on the production server because I am not the admin. And what I give them as a web service installation will be running on a different port (and possibly a different domain) than the front end javascript client.

Thanks for your time.

11 answers to this question

Recommended Posts

  • 0
Rising Star

tim_s

Posted
Posted

Hi,

Do you have a public facing IP?

I.e. how can I see your results to debug?

--

When you refer to the origin policy I am assuming you mean that you are sending the request from http://localhost(:80)/ to http://localhost:8080/?

  • 0
Grand Master

Shadrack

Posted
  • Author
Posted

Hi,

Do you have a public facing IP?

I.e. how can I see your results to debug?

--

When you refer to the origin policy I am assuming you mean that you are sending the request from http://localhost(:80)/ to http://localhost:8080/?

Sorry, I do not have a public facing IP right now (and do not have the authority to enable that).

Yeah, sending the request from http://localhost:80/ to http://localhost:8080/

I'm reading about CORS as a possible solution. But there is a requirement to echo back the origin in the HTTP header which I do not think is possible with a LabVIEW web service....

-Shad

  • 0
Rising Star

tim_s

Posted
Posted

Sorry, I do not have a public facing IP right now (and do not have the authority to enable that).

Yeah, sending the request from http://localhost:80/ to http://localhost:8080/

I'm reading about CORS as a possible solution. But there is a requirement to echo back the origin in the HTTP header which I do not think is possible with a LabVIEW web service....

-Shad

This could be done in a 100 different ways depending on your level of access. How many calls a second would you be looking to instantiate? I.e. would an extra step provide an efficiency issue?

  • 0
Grand Master

Shadrack

Posted
  • Author
Posted

This could be done in a 100 different ways depending on your level of access. How many calls a second would you be looking to instantiate? I.e. would an extra step provide an efficiency issue?

I don't see any extra steps providing efficiency issues...

the number of calls is pretty low...as in a user would really only be expected to issue 1 call.

My end product (not this trivial addition one) will have the following work flow

Present user with web form -> User fills out web form and hits submit -> Contents of web form are compiled to a POST response and pushed to my REST service on port 8080 via javascript -> REST Service returns an image URL -> Javascript updates an image tag on the page with the URL returned from the REST Service.

The REST Service takes the data, does some calculations, produces a plot, saves the plot as a PNG image somewhere, and returns a URL for the image file.

In addition the end product will be behind a username/password and access will be limited to a small number of people.

  • 0

Guest pgxl

Posted
Posted

You could use the PHP fsockopen functions http://www.php.net/manual/en/function.fsockopen.php , but sockets extension needs to be enabled in the php.ini file. You could have your php script call the socket directly and pass parameters to it and have the application return results back to the php script, then the script can return data to the end user as the rest response.

If your port 8080 application is running its own webserver or can be loaded from a browser than use CURL within php as it is easier than using fsockopen.

  • 0
Grand Master

Shadrack

Posted
  • Author
Posted

Thanks guys. I have one PHP proxy worked out, but am not happy with the lag...lol (at least not on my development machine).

I found a way to incorporate my static HTML/Javascript/Image/CSS files inside the web service executable (it's compiled) so that my static files are served on port 8080. Doing this alleviated the same origin policy issues and everything is snappy.

This topic is now closed to further replies.
 Share
Go to question listing

  • Posts

    • 007 First Light review: Satisfying spy adventure that James Bond needed

      By Nargg · Posted

      I bought this game. Played it for an hour, and then got a refund from Steam. Not a fun game at all.
    • Nothing Ear buds with active noise cancellation are at their lowest price ever with 51% off

      By Fiza Ali · Posted

      Nothing Ear buds with active noise cancellation are at their lowest price ever with 51% off by Fiza Ali Amazon is currently offering the Nothing Ear wireless earbuds at their lowest price ever with 51% off limited prime deal. The earbuds feature an 11mm dynamic drivers with a ceramic diaphragm, and support high-resolution audio codecs including AAC, SBC, LDAC, and LHDC 5.0. They support active noise cancellation of up to 45dB across a frequency range of up to 5000Hz, and include a smart ANC algorithm, adaptive noise cancellation, and a transparency mode that allows surrounding sounds to be heard when needed. Connectivity is provided via Bluetooth 5.3, with support for multiple profiles including HFP, A2DP, AVRCP, and others. The earbuds also support dual connection, allowing them to be paired with two devices at the same time. Additional features include IP54 water and dust resistance for the earbuds and IP55 for the charging case, in-ear detection, pinch controls, low-latency mode, Google Fast Pair, Microsoft Swift Pair, and a three-microphone system per earbud for clearer voice calls. The Nothing X app, available on Android and iOS, provides access to custom EQ settings, bass enhancement, personal sound profiles, ear tip fit testing, firmware updates, customisable controls, dual-device management, and a find-my-earbuds feature. In terms of battery performance, each earbud has a 46mAh battery and the charging case has a 500mAh capacity. With active noise cancellation (ANC) turned off, the earbuds should offer up to 8.5 hours of playback on a single charge and up to 40.5 hours in total with the charging case. With ANC enabled, playback should last up to 5.2 hours on the earbuds and up to 24 hours with the case. For calls, talk time should reach up to 5 hours on the earbuds and 23 hours with the case when ANC is off, while ANC on should provide up to 4 hours on the earbuds and 18 hours with the case. Finally, fast charging should deliver up to 10 hours of playback from 10 minutes of charging when ANC is disabled. Nothing Ear Wireless Earbuds Bluetooth: $73.15 (Amazon US) - 51% off Good to know This Amazon deal is U.S. specific, and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, we earn from qualifying purchases.
    • Microsoft Eyes DeepSeek V4 for Copilot Cowork: What Azure Hosting Cannot Fix

      By +TRS-80 · Posted

      Microsoft officially launched its Copilot Cowork enterprise AI agent on June 16, 2026, switching to usage-based pricing on the same day it disclosed it is considering a Microsoft-hosted version of China's DeepSeek V4 as a lower-cost engine for the platform — a pairing that puts the company on a collision course with both its enterprise customers' security teams and a White House that has spent months trying to wall off Chinese AI from American infrastructure.................... https://www.techtimes.com/articles/318647/20260618/microsoft-eyes-deepseek-v4-copilot-cowork-what-azure-hosting-cannot-fix.htm  
    • Politically funny images of the World

      By +Edouard · Posted

    • Forza Horizon 6 gets another hotfix for one of the game's online modes

      By TarasBuria · Posted

      Forza Horizon 6 gets another hotfix for one of the game's online modes by Taras Buria Recently, Forza Horizon 6 players discovered an interesting glitch that allowed farming a crazy amount of in-game credits in a few minutes. Playground Games quickly pulled the plug on the exploit by disabling one of the game's online modes, and today, the studio is rolling out another hotfix. In my review, I complained about the game still showering gamers with cars, credits, and wheelspins. As such, earning money in Forza Horizon 6 is not a particularly difficult task. You simply have to play the game, crazy, I know. However, people still found an easier path to becoming a billionaire in Forza Horizon 6. All you had to do was purchase the Hummer EV, install a specific tune, shift in reverse while going at about 15 MPH, hit a wall, and get launched into the stratosphere at the speed of light. While mid-air, launch Eliminator and quickly get eliminated. Boom, the game just awarded you with a few million in-game credits. Initially, Playground Games disabled Eliminator to prevent people from farming credits. Now, following the release of the first balancing update, developers are rolling out a new update that re-enables Eliminator and gives users a free McLaren Sabre as a gesture of goodwill. Here is the changelog: One critical issue remains unpatched, though. There are quite a few reports of the game wiping gamers' saves, and developers are still looking into that. To avoid potential data loss, Playground Games recommends taking one of the steps outlined in a previously published support article.

  • Recent Achievements

    • First Post
      AndreaB earned a badge
      First Post
    • Week One Done
      Huge Trailer earned a badge
      Week One Done
    • Week One Done
      Classifyskilleducation earned a badge
      Week One Done
    • One Month Later
      eurospharma62 earned a badge
      One Month Later
    • Week One Done
      With What earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      592
    2. 2
      +Edouard
      171
    3. 3
      PsYcHoKiLLa
      76
    4. 4
      Michael Scrip
      68
    5. 5
      neufuse
      64
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!