Enable Cross-Origin Resource Sharing to Allow Cross-Site JSON
We just discovered our open data wasn't nearly as open as we believed. Turns out for true cross-site requests of JSON data you need to add a HTTP Reponse Header:
The method one uses to do so vary widely by webserver and host. In our case, for IIS7 the simplest method was to configure it in the web.config:
<?xml version="1.0" encoding="utf-8"?> <configuration> <system.webServer> <httpProtocol> <customHeaders> <add name="Access-Control-Allow-Origin" value="*" /> </customHeaders> </httpProtocol> </system.webServer> </configuration>
For more information on the why and how as well as directions for other webservers visit enable-cors.org. The folks behind hacks.mozilla.org also offer a solid overview of Cross-site XmlHttpRequest with CORS. Use the form at http://enable-cors.org/#check to see if your site is CORS enabled.
At this time only IFWIS Core is CORS-Enabled on IDFG's website.
What is this?
We use the IFWIS Blog to keep our staff, cooperators and the public updated on what we are working on, what's new and share tips about using our software and website.
The content of the IFWIS Blog is often highly technical, but we try our best to keep our posts accessible and jargon-free. When this is not possible, we'll link to other resources online to provide background. Thanks for reading and please follow our blog for updates.
- IFWIS RSS Feed
- Daily Email Digest (All Public Content)
- Or follow just one of the many topic-specific tag feeds or pages below.
- 1 of 6