Omeka S on Cloudron as host for embedded exhibits - CORS
-
We are using Omeka S on Cloudron as an host for several online exhibitions.
Because something like
https://omeka.<cloudron>.<tld>/s/<my-exhibit>is not a very nice and memorable URL, we would like to embed these exhibits in our primary website to get URLs likehttps://www.<museum>.<tld>/virtual-exhibits/<my-exhibit>.We configured our nginx to handle these URLs and to get the content from Omeka, but we ran into a Cross-Origin Resource Sharing (CORS) issue. Searching the forum i found several entries regarding to CORS (e.g. Bug: CORS error), but there doesn't seem to be a consistent solution. In https://forum.cloudron.io/post/64706 @girish gives a quick workaround, but this is not consistent.
As this issue wasn't addressed in the specific forum and time goes by, i wonder if someone knows a solution for the scenario above. I'm pretty sure I am not the only one with this requirement.
-
We are using Omeka S on Cloudron as an host for several online exhibitions.
Because something like
https://omeka.<cloudron>.<tld>/s/<my-exhibit>is not a very nice and memorable URL, we would like to embed these exhibits in our primary website to get URLs likehttps://www.<museum>.<tld>/virtual-exhibits/<my-exhibit>.We configured our nginx to handle these URLs and to get the content from Omeka, but we ran into a Cross-Origin Resource Sharing (CORS) issue. Searching the forum i found several entries regarding to CORS (e.g. Bug: CORS error), but there doesn't seem to be a consistent solution. In https://forum.cloudron.io/post/64706 @girish gives a quick workaround, but this is not consistent.
As this issue wasn't addressed in the specific forum and time goes by, i wonder if someone knows a solution for the scenario above. I'm pretty sure I am not the only one with this requirement.
@GeHo If I understood your setup correctly, you configured nginx to translate
www.<museum>.<tld>calls to youromeka.<cloudron>.<tld>? If this is the case, then there shouldn't be any CORS issue. CORS issue is hit when the browser makes requests directly to omeka when you visit your main site and thus bypassing your nginx. Why do you think this is a CORS issue? -
@GeHo I understand that your main site is not an Omeka installation and that you attempt to integrate each exhibit with an iframe as @nebulon suggests. Is this the case? The CORS issue could come from this approach.
I can suggest a solution for URLs. You can rename your Omeka site from
https://omeka.<cloudron>.<tld>tohttps://virtual-exhibits.<museum>.<tld>or you can configure a web redirection fromhttps://omeka.<cloudron>.<tld>tohttps://virtual-exhibits.<museum>.<tld>. Then configure the rewriting of the right-hand part of the URL by using Omeka-S-module-CleanUrl or by inserting rewriting rules in the.htaccessfile at the root of your Omeka installation. You can modify the.htaccessfile.To integrate an Omeka exhibit into a site. I've tested it and it seems to work.
- one of my Omeka exhibits: https://horae-pictavenses.fr/s/hp/page/accueil
- within an iframe: https://tools.mexina.fr/iframe/
- an experimental exhibit that uses external IIIF references: https://graffitheque.eu/s/site/page/welcome
- within an iframe: https://tools.mexina.fr/iframe/graf.html
-
@GeHo I understand that your main site is not an Omeka installation and that you attempt to integrate each exhibit with an iframe as @nebulon suggests. Is this the case? The CORS issue could come from this approach.
I can suggest a solution for URLs. You can rename your Omeka site from
https://omeka.<cloudron>.<tld>tohttps://virtual-exhibits.<museum>.<tld>or you can configure a web redirection fromhttps://omeka.<cloudron>.<tld>tohttps://virtual-exhibits.<museum>.<tld>. Then configure the rewriting of the right-hand part of the URL by using Omeka-S-module-CleanUrl or by inserting rewriting rules in the.htaccessfile at the root of your Omeka installation. You can modify the.htaccessfile.To integrate an Omeka exhibit into a site. I've tested it and it seems to work.
- one of my Omeka exhibits: https://horae-pictavenses.fr/s/hp/page/accueil
- within an iframe: https://tools.mexina.fr/iframe/
- an experimental exhibit that uses external IIIF references: https://graffitheque.eu/s/site/page/welcome
- within an iframe: https://tools.mexina.fr/iframe/graf.html
@jeau Thanks for the suggestions, and sorry for replying this late. However: Happy New Year!
I don't think that using iFrames to embed an omeka exhibition is very convenient for the user, because he loses the ability to refer to or set a bookmark for a specific page.
-
@GeHo If I understood your setup correctly, you configured nginx to translate
www.<museum>.<tld>calls to youromeka.<cloudron>.<tld>? If this is the case, then there shouldn't be any CORS issue. CORS issue is hit when the browser makes requests directly to omeka when you visit your main site and thus bypassing your nginx. Why do you think this is a CORS issue? -
Why do you think this is a CORS issue?
Because the HTML itself delievered by Omeka loads scripts, images, css etc. from the domain of origin. This causes the CORS issues.
@GeHo said in Omeka S on Cloudron as host for embedded exhibits - CORS:
Because the HTML itself delievered by Omeka loads scripts, images, css etc. from the domain of origin. This causes the CORS issues.
aren't all these covered by same origin policy exceptions ? https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy#cross-origin_network_access
