I’m using the osimis/orthanc:master-full-stable image which integrates OHIF. Tested it on old explorer as well as on Orthanc Explorer 2.
On the old explorer, it shows a CORS error while using OHIF viewer. On the Orthanc Explorer 2, regardless of whichever IP the docker is hosted on, the OHIF viewer has the localhost URL.
Thank you so much for pointing it out. Currently, it’s on local docker. Will definitely pass those as secrets once It’s deployed. What about the CORS issue though?
Don’t forget that other people have other stuffs to do than responding to your questions - sometimes, they even need to sleep, eat and enjoy their life. Trying to push them with this kind of reminders is the best way not to receive a response.
Apologies Alain. I work in a different timezone than yours. Yesterday, I messaged you when I logged off at work. Today, when I logged in, I thought of just reminding you with some additional details. My team and me are doing some extensive research on this and are desperately awaiting for a resolution on this. I apologise again if my reminders have caused inconvenience to you. Will await your response.
I have gone through the topic, wherein it mentions that the CORS issue is taken care of by addition of required headers. But the issue still occurs on the osimis/orthanc images, particularly, when it is not being triggered using localhost IP address. Hence, I’m here to discuss on a possible resolution on it.
I have just added this Docker sample setup to test running Orthanc and OHIF from a remote computer with HTTPS enabled. It seems to work.
If you disable HTTPS, I’m indeed getting the “CORS isolation” error when accessing OHIF from a remote computer and not when accessing OHIF from localhost. To me, this seems like a browser protection feature:
either you are running in a “trusted environment”: localhost or HTTPS and the browser won’t complain
if you are accessing a remote site without HTTPS, the browser is more strict.
To me, these limitations come from the use of SharedArrayBuffer in OHIF and they require the same kind of trusted environment (reference).
Hope this helps and clarifies these numerous CORS issues with OHIF.
Thank you so much Alain for the clarification. As per my config, I need to run it in a secure environment. Wasn’t aware that OHIF would need a secure environment for MPR to work. I will look into it. Thanks a lot for your guidance.
Thank you for your support. I was able to deploy Orthanc securely and use OHIF. However, when I try to open it using iFrame, it still shows Cross-Origin-Isolation error. When I open it in a separate tab, it works smoothly. Please guide me on this? Any issue with OHIF-Orthanc integration or a bug with OHIF?