Solving Same Origin Policy Problem (or cross-site script)
"Same Origin Policy" is a security restriction for client (browser)-side scripting. (Read: http://en.wikipedia.org/wiki/Same_origin_policy). This policy make JS development tricky in developer's local machine. Here is how to solve the problem. Helpful links are:
- http://trac.openlayers.org/wiki/FrequentlyAskedQuestions#ProxyHost
- http://n2.nabble.com/GeoServer-Proxy-Extension-OpenLayers-td3998936.html
How to
- install apache httpd to your local
- install "proxy.cgi" to your local (download at http://trac.openlayers.org/browser/trunk/openlayers/examples/proxy.cgi)
- CGI script is in python. You may need to install python and change the header of the CGI script
- Test "proxy.cgi" by accessing http://localhost/proxy.cgi
- If proxy.cgi shows openlayers home page, it's working.
- Edit proxy.cgi to add the our geoserver host
- Add your geoserver host name to allowedHosts list
- Add the line as below to your JS
- OpenLayers.ProxyHost = "/cgi-bin/proxy.cgi?url=";