发送"GET"消息.请求Panasonic IP cam控制PTZ移动-被CORS阻止 [英] Sending "GET" requests to Panasonic IP cam to control PTZ movement - blocked by CORS

问题描述

请原谅我的无知，我是Java，HTML和Web开发的新手.

我正在尝试构建一个Web应用程序来控制IP摄像机(Panasonic AW-HE50)的PTZ控件.我可以按照规格表通过浏览器发送基本命令: https: //eww.pass.panasonic.co.jp/pro-av/support/content/guide/DEF/HE50_120_IP/HDIntegratedCamera_InterfaceSpecifications-V1.05E.pdf

例如，我可以通过输入 http来使其开始旋转://172.16.14.90/cgi-bin/aw_ptz?cmd =％23P99& res = 1 进入浏览器.

现在，我只是想将其转换为Java，这样，当您按下网页上的按钮时，它就会发出"GET"请求，以朝特定方向移动相机.

我目前正在讨论的代码如下:

$(document).ready(function(){
  $("button").click(function(){
    $.get(camURL + "T99&res=1", function(data, status){
      alert("Data: " + data + "\nStatus: " + status);
    });
  });
});

但是消息未到达凸轮，Chrome控制台显示为:

在' http://172.16.从来源" http://172.16提取14.90/cgi-bin/aw_ptz?cmd =％23T99& res = 1 ". 14.12 "已被CORS策略阻止:所请求的资源上没有"Access-Control-Allow-Origin"标头."

我对此进行了一些研究，但是解决方案似乎与服务器更相关.据我所知，我不允许访问域，因为它是一个IP凸轮，而不是服务器.另外，我将我的HTML页面托管在同一个本地网络上，以解决此问题，但是它不起作用.令我惊讶的是它没有被识别为同一个域.我也不确定为什么浏览器能够发出此get请求，而Java脚本却不能.

在此先感谢您的帮助，再次对您的无知表示歉意.

安迪

解决方案

这是一个典型的同源策略问题，有2种解决方法:

• 安装IP摄像机并在其中托管HTML页面.
• 将HTTP请求到IP摄像机的代码从网页移动到Java服务器，从而避免了同源策略限制.

通常，第二种方法更好，特别是当您可以将Java服务器与IP摄像机放置在同一局域网中时.以下是一些详细说明:

1. 在Java服务器中托管HTML页面和JavaScript代码(我相信您已经做到了).
2. 当用户单击网页上的按钮时，将Ajax请求发送到Java服务器，而不是IP摄像机.因此，避免同源问题.
3. 当Java服务器收到上述HTTP请求时，解释用户操作并将相应的HTTP请求发送到IP摄像机.由于这是纯服务器端HTTP请求，因此不遵循同源策略.
4. Java服务器收到来自IP摄像机的响应后，将该响应返回给浏览器.

顺便说一句，在上述情况下，Java服务器充当代理的角色.

对于您的某些问题:

我对此进行了一些研究，但解决方案似乎与服务器更相关."

-是的，CORS策略是用于安全保护的浏览器功能.要解决此问题，您需要在服务器中执行某些操作.

我将HTML页面托管在相同的本地网络上，以解决此问题，但是它无法正常工作.我很惊讶它未被识别为同一域."

-要使2个URL成为相同的域(从CORS的角度来看)，以下URL部分应相同:协议，主机名和端口.将2台计算机移到相同的本地网络不符合浏览器的同源策略.

我也不确定为什么浏览器能够发出此get请求，而Java脚本却不能."

-在浏览器的地址栏中键入IP摄像机URL并按回车键时，将向摄像机发送一个简单的常规HTTP GET请求，而不应用任何同源策略.但是，当您从JavaScript代码发送HTTP请求时，出于安全原因，浏览器将检查CORS设置.

Please forgive my ignorance, I am new to java, HTML and web development.

I'm trying to build a web app to control PTZ controls of an IP camera (Panasonic AW-HE50). I am able to send it basic commands through the browser as per the spec sheet: https://eww.pass.panasonic.co.jp/pro-av/support/content/guide/DEF/HE50_120_IP/HDIntegratedCamera_InterfaceSpecifications-V1.05E.pdf

For example I can make it start spinning by typing in http://172.16.14.90/cgi-bin/aw_ptz?cmd=%23P99&res=1 in to the browser.

Now I'm just trying to translate this over to Java, so that when you press a button on the web page, it makes a "GET" request to move the camera in a certain direction.

My code in question at the moment looks like this:

$(document).ready(function(){
  $("button").click(function(){
    $.get(camURL + "T99&res=1", function(data, status){
      alert("Data: " + data + "\nStatus: " + status);
    });
  });
});

However the message doesn't reach the cam, and the Chrome console reads:

"Access to XMLHttpRequest at 'http://172.16.14.90/cgi-bin/aw_ptz?cmd=%23T99&res=1' from origin 'http://172.16.14.12' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."

I have done some research in to this, but the solutions seem to be more relevant to servers. As far as I know, I cannot allow access to a domain, as it is an IP cam, not a server. Also, I hosted my HTML page on the same local network to get around this but it didn't work. I'm surprised that it isn't recognised as the same domain. I am also unsure as to why the browser is able to make this get request but the Java script is not.

Thanks in advance for your help, and sorry again for my ignorance.

Andy

解决方案

This is a typical same-origin-policy problem, and there are 2 ways to fix it:

• Hack the IP camera and host the HTML pages there.
• Move the HTTP-request-to-IP-camera code from web page to Java server, and thus avoid the same-origin-policy limit.

Normally, the 2nd way is better, especially when you can put Java server in the same local network with IP camera. Here are some detail description:

1. Host HTML page and JavaScript code in Java server (I believe you've already done that).
2. When user click button on web page, send Ajax request to Java server, not the IP camera. Thus, avoid same-origin problem.
3. When Java server receives the above HTTP request, interpret the user operation and send corresponding HTTP request to the IP camera. As this is a pure server side HTTP request, it does not follow same-origin policy.
4. After the Java server receives response from IP camera, return that response to browser.

BTW, in the above scenario, the Java server takes the role of proxy.

For some of your questions:

"I have done some research in to this, but the solutions seem to be more relevant to servers."

-- Yes, CORS policy is a browser feature for security protection. To fix the problem, you need to do something in server.

"I hosted my HTML page on the same local network to get around this but it didn't work. I'm surprised that it isn't recognised as the same domain."

-- To make 2 URLs as same domain (in CORS point of view), the following URL part should be identical: protocol, hostname and port. Move 2 machines to the same local network does not satisfy same-origin policy for browser.

"I am also unsure as to why the browser is able to make this get request but the Java script is not."

-- When you type IP camera URL in the browser's address bar and press return, a simple normal HTTP GET request is sent to camera, no same-origin policy is applied. However, when you send HTTP request from JavaScript code, browser will check CORS settings for security reason.

这篇关于发送"GET"消息.请求Panasonic IP cam控制PTZ移动-被CORS阻止的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！