arcgis api for javascript跨域处理方案

PHP Proxy File ================= A PHP proxy that handles support for * Accessing cross domain resources * Requests that exceed 2048 characters * Accessing resources secured with token based authentication. * [OAuth 2.0 app logins](https://developers.arcgis.com/en/authentication). * Enabling logging * Both resource and referer based rate limiting ##Instructions * Download and unzip the .zip file or clone the repository. You can download [a released version](https://github.com/Esri/resource-proxy/releases) (recommended) or the [most recent daily build](https://github.com/Esri/resource-proxy/archive/master.zip). * Install the contents of the PHP folder by adding all files into a web directory. * Test that the proxy is able to forward requests directly in the browser using: ``` http://[yourmachine]/PHP/proxy.php?http://services.arcgisonline.com/ArcGIS/rest/services/?f=pjson ``` * Edit the proxy.config file in a text editor to set up your proxy configuration settings. * Update your application to use the proxy for the specified services. In this JavaScript example requests to route.arcgis.com will utilize the proxy. ``` urlUtils.addProxyRule({ urlPrefix: "route.arcgis.com", proxyUrl: "http://[yourmachine]/PHP/proxy.php" }); ``` * Security tip: By default, the proxy.config allows any referrer. To lock this down, replace the ```*``` in the ```allowedReferers``` property with your own application URLs. * Security tip: Verify that the ```proxy.config``` file is not accessible via the Internet and that the PHP server is configured correctly. To verify the proxy setup, open ```http://[yourmachine]/PHP/proxy-verification.php``` in a web browser and follow the instructions. ##Proxy Configuration Settings * Use the ProxyConfig tag to specify the following proxy level settings. * **mustMatch="true"** : When true only the sites listed using serverUrl will be proxied. Set to false to proxy any site, which can be useful in testing. However, we recommend setting it to "true" for production sites. * **logFile="<file with local path>"** : When a path to a local file is specified event messages will be logged. * **allowedReferers="http://server.com/application1,https://server.com/application2"**: A list of referer URLs. Only requests coming from referers in the list will be proxied. * Add a new \<serverUrl\> entry for each service that will use the proxy page. The proxy.config allows you to use the serverUrl tag to specify one or more ArcGIS Server services that the proxy will forward requests to. The serverUrl tag has the following attributes: * **url**: Location of the ArcGIS Server service (or other URL) to proxy. Specify either the specific URL or the root (in which case you should set matchAll="true"). * **matchAll="true"**: When true all requests that begin with the specified URL are forwarded. Otherwise, the URL requested must match exactly. * **username**: Username to use when requesting a token - if needed for ArcGIS Server token based authentication. * **password**: Password to use when requesting a token - if needed for ArcGIS Server token based authentication. * **clientId**: Used with clientSecret for OAuth authentication to obtain a token - if needed for OAuth 2.0 authentication. **NOTE**: If used to access hosted services, the service(s) must be owned by the user accessing it, (with the exception of credit-based esri services, e.g. routing, geoenrichment, etc.) * **clientSecret**: Used with clientId for OAuth authentication to obtain a token - if needed for OAuth 2.0 authentication. * **oauth2Endpoint**: When using OAuth 2.0 authentication specify the portal specific OAuth 2.0 authentication endpoint. The default value is https://www.arcgis.com/sharing/oauth2/. * **rateLimit**: The maximum number of requests with a particular referer over the specified **rateLimitPeriod**. * **rateLimitPeriod**: The time period (in minutes) within which the specified number of requests (rate_limit) sent with a particular referer will be tracked. The default value is 60 (one hour). ##Folders and Files The proxy consists of the following files: * proxy.config: This file contains the configuration settings for the proxy. This is where you will define all the resources that will use the proxy. * proxy.php: The actual proxy application. In most cases you will not need to modify this file. Other useful files in the repo: * .htaccess: This file is an example Apache web server file which includes recommended file filtering. * proxy-verification.php: Useful testing page if you have installation problem. Files created by the proxy: * proxy.sqlite: This file is created dynamically after proxy.php runs. This file supports rate metering. * proxy_log.log: This file is created when the proxy.php runs (and logging is enabled). Note: If you do not have write permissions to this directory this file will not be created for you. To check for write permissions run the proxy-verification.php. ##Requirements * PHP 5.4.2 (recommended) * cURL PHP extension * OpenSSL PHP extension * PDO_SQLITE PDO PHP extension ### Example Configurations The PHP proxy supports both XML and JSON configurations. XML is the default. To change the default you must switch ````$proxyConfig->useXML();```` to ````$proxyConfig->useJSON();```` at the bottom of the proxy.php file. No matter what style configuration chosen, always save the configuration as ```proxy.config```. When using this proxy for testing or research and development you may want to add ```*``` to the ```allowedReferers``` property. However, using ```*``` in production is not recommended. In order to test the proxy like below make sure to add a ```*``` to the ```allowedReferers``` property. Note, the example configuration file contains the ```*``` within ```allowedReferers```. ``` http://[yourmachine]/PHP/proxy.php?http://[machineyouknow]/arcgis/rest/services ``` XML example ``` <ProxyConfig mustMatch="true" logFile="proxy_log_xml.log" allowedReferers="http://server.com/application1,https://server.com/application2,*"> <serverUrls> <serverUrl url="http://sampleserver6.arcgisonline.com" username="username" password="password" rateLimit="120" rateLimitPeriod="60" matchAll="true"/> <serverUrl url="geoenrich.arcgis.com" username="username" password="password" rateLimit="120" rateLimitPeriod="60" matchAll="true"/> <serverUrl url="https://route.arcgis.com" matchAll="true" oauth2Endpoint="https://www.arcgis.com/sharing/oauth2" clientId="6Xo1d-example-9Kn2" clientSecret="5a5d50-example-c867b6efcf969bdcc6a2" rateLimit="120" rateLimitPeriod="60"> </serverUrl> <serverUrl url="http://services.arcgisonline.com/ArcGIS/rest/services/" rateLimit="120" rateLimitPeriod="60" matchAll="false"/> </serverUrls> </ProxyConfig> ``` JSON example ``` { "proxyConfig": [ { "mustMatch": true, "logFile": "proxy_log_json.log", "allowedReferers":["http://server.com/application1","https://server.com/application2","*"] } ], "serverUrls": [ { "serverUrl" : [ { "url": "http://sampleserver6.arcgisonline.com", "username": "username", "password": "password", "rateLimit": "120", "rateLimitPeriod": "60", "matchAll": true } ] }, { "serverUrl" : [ { "url": "geoenric