Re: [Gmod-ajax] JBrowse remote files with CORS config

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hey Scott,

Sorry I should have specified, I'm trying to test this in an Apache virtual machine first and then if it works I will try in an AWS bucket perhaps as we're toying with the idea of migrating some of our servers on the cloud.  However, this info is very useful when I get to that step, thank you!

Do you know how this setup would work for Apache?  I was attempting to add the necessary configuration files to the httpd.conf file, does that makes sense?  I'm still getting an error in the browser:

...... has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I did add an Access-Control-Allow-Origin configuration line with '*' to allow all origins but perhaps I didn't write it correctly.

Thanks,

Vaneet
________________________________
From: Scott Cain <sc...@sc...>
Sent: April 28, 2022 3:45 PM
To: Vaneet Lotay <van...@uc...>
Cc: gmo...@li... <gmo...@li...>
Subject: Re: [Gmod-ajax] JBrowse remote files with CORS config

[△EXTERNAL]

Hi Vaneet,

I remember seeing this email a few weeks ago but forgot to answer; thanks for giving me a poke.

There is nothing that needs to be done for anything on the server that is serving up JBrowse, other than making sure you have absolute URLs instead of the more typical relative urls that point at a "local" (to the JBrowse installation) data directory.

For setting up CORS for S3, I know how to do that via the aws command line tool.  Essentially, you can run `aws s3api get-bucket-cors --bucket <name>` which will tell you what the current status of CORS is for the bucket, and then `aws s3api put-bucket-cors --bucket <name> --cors-configuration <json.file>` where the json file will look something like this (which is the one I use for one of our WormBase buckets):

{
    "CORSRules": [
        {
            "AllowedHeaders": [
                "*"
            ],
            "AllowedMethods": [
                "GET"
            ],
            "AllowedOrigins": [
                "*"
            ],
            "ExposeHeaders": [
                "Accept-Ranges",
                "Content-Range",
                "Content-Encoding",
                "Content-Length"
            ],
            "MaxAgeSeconds": 3000
        }
    ]
}

The other item is that the data in the bucket has to be public readable, which means that when you upload the data, you should add `--acl public-read` to the command line `aws s3 cp` command, and I assume there is a similar thing you can do with the web interface, but I don't know how to do that.

Please let me know if this makes sense or if you need any more help,
Scott

On Thu, Apr 14, 2022 at 9:14 AM Vaneet Lotay <van...@uc...<mailto:van...@uc...>> wrote:
Hi all,

I'm just wondering if I wanted to load tracks from a remote URL, specifically an HTTPS address, I understand from the documentation that CORS configuration must be setup on the remote server that I'm accessing let's say the bigWig tracks from.  What exactly is involved in that setup, do you simply add the CORS configuration file to the remote server?  If you're working with apache do you simply add it do it's configuration folder?  Are there any other steps involved or is it that simple?  I'm guessing putting a wildcard (*) in the Allowed Origin field allows any server to fetch files from the remote server, but I suppose you can specifiy a specific IP address too?

I did see an example given for configuration related to an Amazon S3 bucket, that would be relevant to me also as I'm contemplating this type of setup as well to store my tracks.

Thanks,

Vaneet
_______________________________________________
Gmod-ajax mailing list
Gmo...@li...<mailto:Gmo...@li...>
https://lists.sourceforge.net/lists/listinfo/gmod-ajax

--
------------------------------------------------------------------------
Scott Cain, Ph. D.                                                  scott at scottcain dot net
GMOD Project Manager (http://gmod.org/)                            216-392-3087
WormBase Developer (http://wormbase.org/)
Alliance of Genome Resources Group Leader (http://alliancegenome.org/)
VirusSeq Project Manager (https://virusseq-dataportal.ca/)
Human Cancer Models Initiative Project Manager (https://hcmi-searchable-catalog.nci.nih.gov/)