AnsweredAssumed Answered

PROXY and CORS (Control-Allow-Origin)

Question asked by tobe81cwb on Apr 28, 2016
Latest reply on Dec 8, 2016 by sacdou

Hi,

 

I'm having problems to set the proxy for my application!

 

My current setup:

- ArcGIS Server 10.4 on 'server.virtual.private' or '192.168.210.100'

- Proxy .NET running with IIS 8.5 on 'server.virtual.private' (same machine than ArcGIS Server 10.4)

- Application with Javascript API 3.16 on 'host-vm' or '192.168.210.1' (with browsersync.io)

 

Installed the proxy from GitHub

Put the .NET version on a inetpub\wwwroot subfolder, created a app, etc...

 

Then, I tested the proxy (according with the README.md):

 

"Test that the proxy is installed and available":

http://server.virtual.private/DotNet/proxy.ashx?ping!

Got a valid response:

{ "Proxy Version": "1.1.0", "Configuration File": "OK", "Log File": "Not Exist/Readable"}

 

"Test that the proxy is able to forward requests directly in the browser using":

http://server.virtual.private/esri_proxy/proxy.ashx?http://server.virtual.private/arcgis/rest/services/teste/TEST_SERVICE/FeatureServer?f=json

Got a valid response:

{
   "currentVersion":10.4,
   "serviceDescription":"TEST_SERVICE",
   "hasVersionedData":false,
   "supportsDisconnectedEditing":false,
   "syncEnabled":false,
   "supportedQueryFormats":"JSON, AMF",
   "maxRecordCount":1000,
   "capabilities":"Create,Delete,Query,Update,Uploads,Editing",
   "description":"",
   "copyrightText":"",
   "spatialReference":{
      "wkid":102100,
      "latestWkid":3857
   },
   "initialExtent":{
      "xmin":-5373925.95008382,
      "ymin":-1779327.897638279,
      "xmax":-5367538.895643042,
      "ymax":-1776174.0579972658,
      "spatialReference":{
         "wkid":102100,
         "latestWkid":3857
      }
   },
   "fullExtent":{
      "xmin":-5371483.1645,
      "ymin":-1779695.3658000007,
      "xmax":-5368931.5394,
      "ymax":-1776737.2322000004,
      "spatialReference":{
         "wkid":102100,
         "latestWkid":3857
      }
   },
   "allowGeometryUpdates":true,
   "supportsApplyEditsWithGlobalIds":false,
   "units":"esriMeters",
   "documentInfo":{
      "Title":"",
      "Author":"",
      "Comments":"",
      "Subject":"",
      "Category":"",
      "Keywords":"TEST_SERVICE"
   },
   "layers":[
      {
         "id":0,
         "name":"TEST_SERVICE"
      }
   ],
   "tables":[

   ],
   "enableZDefaults":false
}

 

So, the proxy appear to be OK!

 

Then, I edited the proxy.config file, with this content (this is for test development):

<?xml version="1.0" encoding="utf-8" ?>
<ProxyConfig allowedReferers="*" mustMatch="false">
  <serverUrls>
      <serverUrl url="http://server.virtual.private" matchAll="true" username="siteadmin" password="secret" />
  </serverUrls>
</ProxyConfig>

 

 

Then, according with README.md, and document on Using the proxy | Guide | ArcGIS API for JavaScript I must put the URL of the proxy on my javascript application.

I put the following lines on top of main file of application:

esriConfig.defaults.io.proxyUrl = 'http://server.virtual.private/DotNet/proxy.ashx';
esriConfig.defaults.io.alwaysUseProxy = false;

 

Tested my application and got a 500 response when asked for a Feature Layer.

"XMLHttpRequest cannot load http://server.virtual.private/DotNetProxy/proxy.ashx?http://server.virtual.private/arcgis/rest/services/teste/TEST_SERVICE/FeatureServer?f=json. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested source. Origin 'http://192.168.210.1:8080' is therefore not allowed access.".

 

So, I got a CORS! but according with the documentation on Using the proxy | Guide | ArcGIS API for JavaScript:

"ArcGIS Server 10.1 supports CORS out of the box."

OK, I have some problems now!!

 

In same documentation:

"For earlier versions, an administrator can add CORS support. Visit enable-cors.org for detailed instructions"

 

Let's try anyway!

Modified the web.config file on proxy application on IIS (from lines 07 to 15).

<?xml version="1.0"?>
<configuration>
  <system.web>
    <compilation debug="false" targetFramework="4.0"/>
  </system.web>

  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Headers" value="*" />
        <add name="Access-Control-Allow-Methods" value="*" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>

  <system.diagnostics>
    <switches>
      <add name="TraceLevelSwitch" value="Info" />
    </switches>
    <trace autoflush="true" indentsize="4">
      <listeners>
        <add name="agsProxyLogListener" type="System.Diagnostics.TextWriterTraceListener"
             initializeData="C:\Temp\Shared\proxy_logs\auth_proxy.log" />
        <remove name="Default" />
      </listeners>
    </trace>
  </system.diagnostics>
</configuration>

 

Now, I get a new error!

"XMLHttpRequest  cannot load http://server.virtual.private/DotNetProxy/proxy.ashx?http://server.virtual.private/arcgis/rest/services/teste/TEST_SERVICE/FeatureServer?f=json. Request header field X-Requested-With is not allowed by Access-Control-Allow-Headers in preflight response.".

 

So, what's the correct way to configure the proxy? Because I do everything that was on documents, and got errors.

Outcomes