Opened 7 years ago

Last modified 20 months ago

#61 new defect

Feedback: countries layer of OpenLayers3 demo not appearing in Firefox

Reported by: Jeff McKenna Owned by: Jeff McKenna
Priority: major Milestone: 5.0.0 release
Component: MS4W - Packages Version: 3.1.4
Keywords: Cc:
Blocked By: Blocking:


From Jukka:

Some observations about the demo that starts from http://localhost/openlayers/examples/mapserver-wms.html?mode=advanced

  • Countries layer does not show with Firefox 46.0.1 on Windows 7. Only the background is visible but Firefox shows that valid GetMaps are sent and good maps are coming back from the server. GetFeatureInfo works. With IE 11 also Countries is OK.

Change History (8)

comment:1 by Jeff McKenna, 7 years ago

This is a complex issue. Good news is that I can duplicate, and there is a quick fix. Bad news is that to fix this properly a new module will have to be enabled in Apache, and a setting added to httpd.conf. Here are my findings:


Actual Error Message

Image from origin '' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.

How to Reproduce

  • \ms4w\apps\openlayers-3.15.1\examples\mapserver-wms.js contains a url with
       url: '',

Reason for Error

Web browsers have security included to not allow Javascript being executed in regards to a different host. OpenLayers2 users will remember having to use a 'proxy.cgi' file often for this scenario. For OpenLayers3, there is a 'crossOrigin' parameter to handle these requests. Here is a good discussion on this crossOrigin:

Quick Workaround

If you are using localhost, then edit \ms4w\apps\openlayers-3.15.1\examples\mapserver-wms.js and modify the url parameter (line #2) to:

  url: 'http://localhost/cgi-bin/mapserv.exe?MAP=/ms4w/apps/openlayers-3.15.1/examples/map/',

Longer-term Solution

MS4W's Apache must be modified as follows, to allow both localhost and in OpenLayers:

  • edit httpd.conf and
    • uncomment line#~117: LoadModule headers_module modules/
    • inside the /cgi-bin location section (line#~384) add: Header set Access-Control-Allow-Origin "*"
    • restart Apache

comment:2 by Jeff McKenna, 7 years ago

Milestone: 4.0 release4.1 release

comment:3 by Jeff McKenna, 3 years ago

Milestone: 4.1 release4.2 release

Milestone renamed

comment:4 by Jeff McKenna, 3 years ago

Milestone: 4.2 release4.1 release

Milestone renamed

comment:5 by Jeff McKenna, 3 years ago

Milestone: 4.1 release4.1.0 release

Milestone renamed

comment:6 by TC Haddad, 2 years ago

Seems like a slightly safer way to go for this is to use

Header add Access-Control-Allow-Origin "localhost";
Header add Access-Control-Allow-Origin "";

in reply to:  6 comment:7 by Jeff McKenna, 2 years ago

Replying to TC Haddad:

Seems like a slightly safer way to go for this is to use

Header add Access-Control-Allow-Origin "localhost";
Header add Access-Control-Allow-Origin "";

Good idea. From testing, apparently we cannot have multiple of these set, as this error is thrown: "Multiple CORS header ‘Access-Control-Allow-Origin’ not allowed".

However this does work (note that the http is required for it to work) :

<Location "/cgi-bin">
    Options None
    Require all granted
    Header add Access-Control-Allow-Origin "http://localhost"

I think this should be added into the next release. (keeping in mind that the overwhelming majority of MS4W users are using the setup.exe installer, which creates a shortcut on their desktop to goto (and avoids this issue). However for advanced users I agree that this is a good enhancement. Will include in next release. Thanks for this idea!

comment:8 by Jeff McKenna, 20 months ago

Milestone: 4.1.0 release5.0.0 release

Milestone renamed

Note: See TracTickets for help on using tickets.