[ckan-discuss] [nathan at webr3.org: Please allow JS access to Ontologies and LOD]

Rufus Pollock rufus.pollock at okfn.org
Mon Oct 25 09:24:20 BST 2010

Yes, we should look to implement CORS (we've already done it in
annotator [1]) though how much immediate priority it is given existing
support for JSONP I don't know (most useful if you are doing full
ajaxy applications -- ie. you want to PUT/POST as well as GET.


[1] :

On 23 October 2010 20:20, William Waites <william.waites at okfn.org> wrote:
> This came up in the context of linked data but would seem a good
> idea for the CKAN API as well -- are there any JavaScript clients
> out there? Just a one-line change to the apache config... No
> code changes at all.
> Thoughts?
> -w
> ----- Forwarded message from Nathan <nathan at webr3.org> -----
> Date: Sat, 23 Oct 2010 00:04:09 +0100
> From: Nathan <nathan at webr3.org>
> Subject: Please allow JS access to Ontologies and LOD
> To: Linked Data community <public-lod at w3.org>,
>  Semantic Web <semantic-web at w3.org>
> CC: foaf-protocols <foaf-protocols at lists.foaf-project.org>
> Hi All,
> Currently nearly all the web of linked data is blocked from access via
> client side scripts (javascript) due to CORS [1] being implemented in
> the major browsers.
> Whilst this is important for all data, there are many of you reading
> this who have it in your power to expose huge chunks of the RDF on the
> web to JS clients, if you manage any of the common ontologies or
> anything in the LOD cloud diagram, please do take a few minutes from
> your day to expose the single http header needed.
> Long story short, to allow js clients to access our "open" data we need
> to add one small HTTP Response header which will allow HEAD/GET and POST
> requests - the header is:
>  Access-Control-Allow-Origin "*"
> This is both XMLHttpRequest (W3C) and XDomainRequest (Microsoft)
> compatible and supported by all the major browser vendors.
> Instructions for common servers follow:
> If you're on Apache then you can send this header by simply adding the
> following line to a .htaccess file in the dir you want to expose
> (probably site-root):
>  Header add Access-Control-Allow-Origin "*"
> For NGINX:
>  add_header Access-Control-Allow-Origin "*";
> see: http://wiki.nginx.org/NginxHttpHeadersModule
> For IIS see:
>  http://technet.microsoft.com/en-us/library/cc753133(WS.10).aspx
> In PHP you add the following line before any output has been sent from
> the server with:
>  header("Access-Control-Allow-Origin", "*");
> For anything else you'll need to check the relevant docs I'm afraid.
> Best & TIA,
> Nathan
> [1] http://dev.w3.org/2006/waf/access-control/
> ----- End forwarded message -----
> _______________________________________________
> ckan-discuss mailing list
> ckan-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/ckan-discuss

Co-Founder, Open Knowledge Foundation
Promoting Open Knowledge in a Digital Age
http://www.okfn.org/ - http://blog.okfn.org/

More information about the ckan-discuss mailing list