I am trying to use Orthanc (open-source) dicom server to manage my dicom files. I have an ASP.NET MVC 5 application that contains Cornerstone (Dicom Viewer) javascript library to load and view the dicom files from Orthanc’s Web API.
The problem is whenever the Cornerstone javascript library make XHR request to Orthanc server, the Cross Origin Resource Sharing related error. i.e; “No ‘Access-Control-Allow-Origin’ header is present on the requested resource” occurs.
As in the Orthanc offical documentation, I found that one of the ways to resolve the CROS problem is setting up an reverse proxy server. So, I install Nginx server.
The expected request processes are as follow;
-
ASP.NET MVC client at localhost:33488/index.html makes XMLHttpRequest to Proxy Server Listening at localhost port 8082
- The proxy server then passes the request to the Orthanc Web API at localhost:8042/ with require CORS headers
but it is still couldn’t resolve the CORS problem.
This is my Nginx proxy server configurations.
To avoid the CORS problems, your orthanc server and your ASP.Net application should be available on the same port.
Here, you still have your ASP.Net app on port 80 and your orthanc app on port 8082.
I think you should also configure a reverse proxy for your ASP.Net app so the they are both on the same port.
Your app should use ‘/instances’ as the base url for orthanc and not ‘http://localhost:8082/instances’
Here is a sample nginx config we use with a django app served on port 9750:
server {
listen 80;
charset utf-8;
root /var/www/apps/webApp; #the static files
location / {
}
location /api/ { #the django app
proxy_pass http://127.0.0.1:9750;
rewrite /api(.*) /$1 break;
}
location /orthanc { #the orthanc app
rewrite /orthanc(.*) /$1 break;
proxy_pass http://127.0.0.1:8042;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Thank you Alain Mazy,
Thanks for the useful information. I am going back to project to test the way you advice. 
I updated the Ngnix proxy server configuration and everything is currently working fine for local server but I haven’t tasted for remotely hosted servers.
I didn’t change anything for CORS support in IIS and my Asp.Net MVC application config.
The updated Ngnix’s config file (nginx.conf) was as follow;
`
#proxy-server
server {
listen 8082;
server_name default_server;
location /orthanc/{
access_log logs/access.log;
proxy_pass http://localhost:8042;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
rewrite /orthanc(.*) $1 break;
add_header ‘Access-Control-Allow-Credentials’ ‘true’;
add_header ‘Access-Control-Allow-Headers’ ‘DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type’;
add_header ‘Access-Control-Allow-Methods’ ‘GET, POST, OPTIONS’;
add_header ‘Access-Control-Allow-Origin’ ‘*’;
}
}
`
The XHR request from the Cornerstone library is like this:
http://localhost:8082/orthanc/instances/d0630585-b29faf47-cf580bcc-31268167-b557b3c9/file;
Now it works as expected, the Nginx proxy server was updated the required CORS header information and passed to Orthanc REST API. Then Orthanc server now response with required dicom file.
