On Aug 15, 2012, at 9:38 AM, Lansing Madry wrote:
> We're a little unclear on exactly what's going on here. It seems that one
> server (host A - ucsd in this case) is being asked by another server (host B
> ) to serve up some data. If B puts in a request to A, why does A need to
> specifically authorize the request? What are the security implications here,
> since that seems to be the underlying rationale? If security is the issue,
> then is seems perhaps unwise to set domain="*" in the <allow-access> tag.
> Thanks for your comments.
Even more so, Jay claims the file is need to enforce security, By default, in
up, not clamp things down. \ncWMS works on this site, at least in my tests.
So they would be opening up a crossdomain request so that someone outside could
My guess is that it is fact the Oregon State folks who are making the cross
domain request, and they are the ones who need to have the crossdomain file.
This is a guess, I could be wrong, but it would make more sense.
"The contents of this message do not reflect any position of the U.S.
Government or NOAA."
Supervisory Operations Research Analyst
Environmental Research Division
Southwest Fisheries Science Center
1352 Lighthouse Avenue
Pacific Grove, CA 93950-2097
e-mail: Roy.Mendelssohn@xxxxxxxx (Note new e-mail address)
"Old age and treachery will overcome youth and skill."
"From those who have been given much, much will be expected"
"the arc of the moral universe is long, but it bends toward justice" -MLK Jr.