[ka-Map-users] ka-map application layout

Scott Knutti sknutti at sanz.com
Thu Jun 1 16:42:45 EDT 2006


Using script tag injection, can I create a kaXmlOverlay object?  We are 
trying to call a java servlet that will return GML that we will then use 
to create an icon overlay.  If I have the remote.php file return the 
javascript for a function that would create an overlay, would it be 
accessible when needed?  Would you put the sample javascript below in 
kaMap.js?  Also, I am assuming that I can add a url to the front of 


Paul Spencer wrote:
> On 30-May-06, at 8:26 PM, Stephen Woodbridge wrote:
>> Scott Knutti wrote:
>>> Hello all!
>>> Looking for advice on an application layout...  We are trying to 
>>> integrate ka-map into a Java/JSF application.  We have a seperate 
>>> server that is running MapServer and holds all of the data.  The 
>>> application runs on another box.  We have tried putting an iframe 
>>> that resides on the MapServer machine in the app on the other box 
>>> and ran into the UniversalBrowseRead problem.  So we have move the 
>>> ka-map client onto the application server.  Now that it is not on 
>>> the MapServer box, can I simply modify the config.php file to point 
>>> to the mapfile on the MapServer box?  What is the best way to layout 
>>> an application like this?
>>> Thanks,
>>> Scott
>> Scott,
>> We ran into the same problem and when we looked at init.php we saw 
>> that is only threw back a bunch of initialization parameters for the 
>> mapfile. Since we only have a singe mapfile we decided to get rid of 
>> it and just embed the parameters directly into the index.html page 
>> and all tiles are served just fine. This of course eliminated the 
>> ability to use other features that require AJAX access to the server, 
>> but our application was then happy fetching services from the 
>> applications server and to get tiles from the mapserver.
> Scott and Steve,
> I solved the problem the same way Steve did, if that's worth 
> anything.  One further clue.  If you need to use AJAX and find you 
> can't because of this security issue, you can use script tag injection 
> instead of XmlHttpRequest.  Using this method, you can do something like:
> var s = document.createElement('script');
> s.src = 'remote.php';
> document.getElementsByTagName('HEAD')[0].appendChild(s);
> This will cause the contents of remote.php to be executed as 
> javascript without the security restrictions normally associated with 
> XmlHttpRequest or iframe methods.  The downside is that your script 
> has to return javascript.
> Cheers
> Paul
>> -Steve W.
>> _______________________________________________
>> ka-Map-users mailing list
>> ka-Map-users at lists.maptools.org
>> http://lists.maptools.org/mailman/listinfo/ka-map-users
> +-----------------------------------------------------------------+
> |Paul Spencer                           pspencer at dmsolutions.ca   |
> +-----------------------------------------------------------------+
> |Applications & Software Development                              |
> |DM Solutions Group Inc                 http://www.dmsolutions.ca/|
> +-----------------------------------------------------------------+

More information about the ka-Map-users mailing list