• 0

I think I'm fighting the Same Origin Policy

Asked by Shadrack,

 Share

Question

Grand Master

Shadrack

Posted
Posted

Hi!

About 10 years ago I basically LIVED in this forum. Now I'm returning to web development for a small project of porting my application that I've written in LabVIEW to be used over the web. The fact that I am using LabVIEW isn't really important. What is important is that my LabVIEW application is running a REST service on my port 8080, and I'm trying to consume that service using some Jquery in an html page running on IIS on port 80.

The service I'm using to get things going is a simple adding service that takes the form:

http://localhost:808...:input1/:input2

Where the output is the summation of the two inputs. So for example if I were to do a GET request for http://localhost:8080/add/1/2 the return would look like:

<Response>
<Terminal>
<Name>Output</Name>
<Value>3.000000</Value>
</Terminal>
</Response>

I can't even get this basic checkout to work:

	   	 $.ajax({
				type: "GET",
				url: "http://localhost:8080/add/1/2",
				success: function(data){		
					alert(data);
				}
			});

Doing some searching reveals that I'm up against the old "Same Origin Policy" because my script is being accessed through port 80 (where IIS lives) and is trying to place a call to port 8080 (where my web service lives).

So many friggen solutions out there! But I'm having trouble getting any of them to work. It would be great if my alert box would popup and give me the correct response. I think that some kind of reverse proxy might be a good solution, but the manner of setting that up in IIS 7 on Windows 7 Pro isn't sitting well (I'm thinking of switching to Apache just because it does this more gracefully I think).

Ultimately I do not think a reverse proxy will work on the production server because I am not the admin. And what I give them as a web service installation will be running on a different port (and possibly a different domain) than the front end javascript client.

Thanks for your time.

11 answers to this question

Recommended Posts

  • 0
Rising Star

tim_s

Posted
Posted

Hi,

Do you have a public facing IP?

I.e. how can I see your results to debug?

--

When you refer to the origin policy I am assuming you mean that you are sending the request from http://localhost(:80)/ to http://localhost:8080/?

  • 0
Grand Master

Shadrack

Posted
  • Author
Posted

Hi,

Do you have a public facing IP?

I.e. how can I see your results to debug?

--

When you refer to the origin policy I am assuming you mean that you are sending the request from http://localhost(:80)/ to http://localhost:8080/?

Sorry, I do not have a public facing IP right now (and do not have the authority to enable that).

Yeah, sending the request from http://localhost:80/ to http://localhost:8080/

I'm reading about CORS as a possible solution. But there is a requirement to echo back the origin in the HTTP header which I do not think is possible with a LabVIEW web service....

-Shad

  • 0
Rising Star

tim_s

Posted
Posted

Sorry, I do not have a public facing IP right now (and do not have the authority to enable that).

Yeah, sending the request from http://localhost:80/ to http://localhost:8080/

I'm reading about CORS as a possible solution. But there is a requirement to echo back the origin in the HTTP header which I do not think is possible with a LabVIEW web service....

-Shad

This could be done in a 100 different ways depending on your level of access. How many calls a second would you be looking to instantiate? I.e. would an extra step provide an efficiency issue?

  • 0
Grand Master

Shadrack

Posted
  • Author
Posted

This could be done in a 100 different ways depending on your level of access. How many calls a second would you be looking to instantiate? I.e. would an extra step provide an efficiency issue?

I don't see any extra steps providing efficiency issues...

the number of calls is pretty low...as in a user would really only be expected to issue 1 call.

My end product (not this trivial addition one) will have the following work flow

Present user with web form -> User fills out web form and hits submit -> Contents of web form are compiled to a POST response and pushed to my REST service on port 8080 via javascript -> REST Service returns an image URL -> Javascript updates an image tag on the page with the URL returned from the REST Service.

The REST Service takes the data, does some calculations, produces a plot, saves the plot as a PNG image somewhere, and returns a URL for the image file.

In addition the end product will be behind a username/password and access will be limited to a small number of people.

  • 0

Guest pgxl

Posted
Posted

You could use the PHP fsockopen functions http://www.php.net/manual/en/function.fsockopen.php , but sockets extension needs to be enabled in the php.ini file. You could have your php script call the socket directly and pass parameters to it and have the application return results back to the php script, then the script can return data to the end user as the rest response.

If your port 8080 application is running its own webserver or can be loaded from a browser than use CURL within php as it is easier than using fsockopen.

  • 0
Grand Master

Shadrack

Posted
  • Author
Posted

Thanks guys. I have one PHP proxy worked out, but am not happy with the lag...lol (at least not on my development machine).

I found a way to incorporate my static HTML/Javascript/Image/CSS files inside the web service executable (it's compiled) so that my static files are served on port 8080. Doing this alleviated the same origin policy issues and everything is snappy.

This topic is now closed to further replies.
 Share
Go to question listing

  • Posts

    • The quantum search for Time's origin had an equally mind-boggling conclusion

      By Taliseian · Posted

      It's all wibbly-wobbly, timey-wimey....stuff.
    • Flameshot 14.0 Final

      By Copernic · Posted

      Flameshot 14.0 Final by Razvan Serea Flameshot is a free and open-source, cross-platform tool to take screenshots with many built-in features to save you time. Using Flameshot is as simple as launching, dragging the selection box to cover the area you want to capture, making annotations as needed in on-screen and saving the shot to your computer, all with a very simple and straightforward interface. Flameshot allows users to simply upload their screenshots directly to the cloud in order to easily share it with others. You can upload your image directly to Imgur with a single click and share the URL with others. In-app screenshot editing - You can choose to add an arrow mark, highlight text, blur a section (blur or pixelate an area), add a text, draw something, add a rectangular/circular shaped border, add an incrementing counter number, and add a solid color box with Flameshot's built-in editing tools. Command-line interface (CLI) - Flameshot has several commands you can use in the terminal without launching the GUI via a command line interface. The command line interface lets you script Flameshot and use it as the subject of key binds. Flameshot 14.0 release notes: This release brings major improvements to multi-monitor support, fractional scaling support, new capture workflows, and a long list of bug fixes across all platforms. Changelog: New Multi-Monitor Capture Workflow New monitor selection screen before capture for better multi-monitor and mixed-scaling support. Option to auto-capture the monitor under the cursor (X11 & Windows). Tray menu can directly select a monitor. Linux Improvements XDG Desktop Portal is now the primary screenshot method. Added legacy X11 fallback option for minimal window managers. New D-Bus capture API for scripting and automation. Windows Enhancements Global screenshot hotkeys now supported (not limited to Print Screen). New portable mode stores settings next to the executable. Clipboard now always uses PNG format for better compatibility. CLI & Platform Updates Redesigned flameshot screen command with per-monitor capture support. Added native Nix Flake support. More compact launcher UI and improved update notifications. Major Fixes Multiple Wayland stability fixes, including KDE Plasma crash fixes. Clipboard compatibility improvements for GNOME, Wayland, X11, Windows, and macOS. Fixed D-Bus hangs, capture crashes, and HiDPI region issues. Other Changes Dropped Ubuntu 20.04 (Focal) support. Updated translations and build infrastructure. Intel macOS builds are no longer provided. [full release notes] Download: Flameshot 14.0 | 18.1 MB (Open Source) Download: Flameshot Portable | 53.0 MB Links: Flameshot Home Page | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • The quantum search for Time's origin had an equally mind-boggling conclusion

      By branfont · Posted

      Time, as we know it, was invented by Humans!
    • Politically funny images of the World

      By +Edouard · Posted

    • Helium Browser 0.13.4.1

      By Copernic · Posted

      Helium Browser 0.13.4.1 by Razvan Serea Helium is a private, fast, and honest Chromium-based web browser — built for people, with love. It offers the best privacy by default, unbiased ad-blocking, and a clean experience free from bloat and noise. Proudly based on Ungoogled-Chromium, Helium removes Google’s clutter while keeping a fast, efficient development pipeline. With thoughtful touches like native !bangs and split view, Helium is a people-first, fully open-source browser that puts control back in your hands. Privacy, security, and control come first. Ads, trackers, and third-party cookies are blocked automatically, HTTPS is enforced everywhere, and all Chromium extensions work seamlessly — while Google can’t track your activity. Helium’s 13,000+ offline-ready !bangs let you jump straight to sites or AI tools like ChatGPT instantly. Open-source, people-first, and unbiased, Helium delivers a browsing experience that’s fast, secure, and free from noise, ads, and compromises. Helium Browser key features: Performance Fast, efficient, and lightweight — built on Chromium’s optimized engine. Energy-saving and consistent — stays fast over time without slowing down. No bloat — stripped of unnecessary components for maximum speed. Minimalist interface — compact, clean, and distraction-free. Customizable toolbar — hide elements you don’t need. Smooth and stable — no flicker, lag, or animation glitches. Comfort-focused experience — intuitive and unobtrusive. Privacy & Security Best privacy by default — blocks ads, trackers, phishing, and third-party cookies. Unbiased ad-blocking — powered by community filters and uBlock Origin. No telemetry or analytics — zero background web requests on first launch. Strict HTTPS enforcement — warns for insecure sites. Passkeys supported — modern authentication made simple. No built-in password manager or cloud sync — your data stays yours. Extension Compatibility Full Chromium extension support — including MV2 extensions. Anonymized Chrome Web Store requests — Google can’t track extension installs. Extended MV2 support — maintained for as long as possible. Smart Features Native !bangs — browse faster using 13,000+ offline-ready shortcuts. AI integration — use !chatgpt and others directly from the address bar. Offline functionality — bangs work without an Internet connection. Philosophy People-first design — open source, transparent, and community-driven. No ads, no noise, no bias — privacy and honesty over profit. Helium Browser 0.13.4.1 changelog: 0a4f1149 revision: bump to 4 (#1969) 4848de1f helium/core: enable the chromium screenshot feature (#1968) e0dec3f5 onboarding: integrate strings to i18n system (#1948) 417fa5bc i18n: fix newline parsing for onboarding 7a339b39 i18n: add foraged translations for onboarding 4f090cff i18n/generate: add handling for onboarding strings bfe48d58 i18n_apply: manually override parent grd logic for onboarding strings ab214e3c onboarding: bump in deps, wire up grdp afa6a059 helium/core: disable pdf infobar feature (#1965) eba585e7 helium/ui/vertical: fix new tab button alignment and icon size (#1964) 6ecfc9e0 helium/ui/tabs: fix horizontal tab hover background color (#1963) 3db87dc0 helium/ui/tabs: fix new tab button hover/press colors (#1962) 6bbdcc3e helium/ui: improve tab group UI in all layouts (#1961) 53deb314 helium/ui/tabs: enable tab group hover cards e93aece7 helium/ui/vertical: fix tab group appearance, prevent line overlap 629f5495 helium/ui/tabs: restore solid group header colors, enable new colors 961c962e helium/ui/tabs: move horiz tab group underline to bottom, make it thick c96deab6 merge: update to chromium 149.0.7827.155 (#1959) 36db56b4 i18n: update source.gen.json 5ce006ae patches: refresh for chromium 149.0.7827.155 b4c1ea62 merge: update ungoogled-chromium to 149.0.7827.155 4e5e8671 Update to Chromium 149.0.7827.155 08a3e7da helium/ui/layout: disable mute on collapsed vertical tabs (#1778) a0a5bbaf helium/core: simplify context menu and prevent huge widths (#1951) c4732aac devutils/i18n: add forage command (#1944) 11d16986 devutils/i18n: add an option to translate using local CLI tools (#1942) d820c3a2 i18n/prompt: tighten translation rules to prevent common errors (#1940) cf827007 Update to Chromium 149.0.7827.114 6e3d5164 Update to Chromium 149.0.7827.102 Download: Helium 64-bit | Portable 64-bit |~100.0 MB (Open Source) Download: Helium ARM64 | Portable ARM64 Links: Helium Home Page | macOS | Linux | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • Reacting Well
      BizSAR earned a badge
      Reacting Well
    • First Post
      AndreaB earned a badge
      First Post
    • Week One Done
      Huge Trailer earned a badge
      Week One Done
    • Week One Done
      Classifyskilleducation earned a badge
      Week One Done
    • One Month Later
      eurospharma62 earned a badge
      One Month Later

  • Popular Contributors

    1. 1
      +primortal
      579
    2. 2
      +Edouard
      183
    3. 3
      PsYcHoKiLLa
      75
    4. 4
      Michael Scrip
      73
    5. 5
      neufuse
      64
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!