A developer lost in the mountains

Freeboard and Orion Context Broker - a workaround for the CORS issue

Orion Context Broker is an open source component belonging to the wide archipelago of FIWARE components available on this site.

In particular, if you are developing a Data/Context scenario, the Orion Context Broker plays the role of a component in the architecture able to mediate between consumer producers (e.g. sensors) and the context consumer applications (e.g. an smartphone applications taking advantage of the context information provided by the sensors). It runs as a deamon process providing NGSI9 and NGSI10 interfaces. Full documentation here.

When I started to work with Orion Context Broker for my SAT project, I looked around to find a quick & stylish solution to display data stored in the DB used by Orion CB (btw mongoDB); soon I found Freeboard, a nice open source dashboard for the Internet of Things and a "ready to work" plugin for Freeboard that is able to connect it to an Orion instance: Freeboard-Orion-Plugin.

All right? All OK? No, unfortunately the plugin did not work in all my attempts . The fact is that, behind the scene, the freeboard plugin makes a cross-domain Ajax call to my Orion instance and this is inhibited by design due to browser-enforced, same-origin security policies for JavaScript.

What to do then ? Recently W3C came out with the Cross Origin Resource Sharing (CORS) specification, a mechanism that works by adding HTTP headers to cross-domain HTTP requests and responses. The headers indicate the origin of the request and the server has to inform via headers in the response whether it will serve resources to this origin.  This exchange of headers is what makes CORS a secure mechanism totaly transparent to the user since the headers are built by the browser and the server.

So, why it did not worked in my case?

Just because Orion context Broker server does not support CORS at the moment:

there is more than a solution to get rid of the problem. You may create for instance a proxy in PHP:

My Solution:

I followed a different way; I installed Apache httpd on the same machine of the Orion instance and I used it as a proxy.

To do so just follow the steps below:

1) Edit httpd.conf file in /etc/httpd/conf and instruct Apache to load proxy module add the following lines at the end:

LoadModule  proxy_module         modules/
LoadModule  proxy_http_module    modules/
LoadModule  headers_module       modules/
LoadModule  deflate_module       modules/

2) Add proxy permissions as your choice:

<Proxy *>
   Order deny,allow
Allow from all

3) Add some rules to instruct Apache to intercept NGSI calls to Orion:

ProxyPass /v1/queryContext
ProxyPassReverse /v1/querycontext
ProxyPass /v1/registerContext
ProxyPassReverse /v1/registerContext
ProxyPass /v1/updateContext
ProxyPassReverse /v1/updateContext

4) Save conf file and restart your httpd server

Comments (2) -

  • Carlos Moreno

    2/29/2016 12:02:12 AM | Reply

    Hello, I tried to implement this proxy, but still not working.
    I'm using jQuery.ajax at this url http://<Public IP>:1026/v1/contextEntities

    So i added
    ProxyPass /v1/updateContext
    ProxyPassReverse /v1/updateContext

    Am I doing something wrong?

    • Walter Ferrari

      2/29/2016 10:05:05 AM | Reply

      Hi Carlos,
      which version of Orion are you using?
      Please note that since version 0.22 Orion includes support for CORS, see:
      So, perhaps you can solve your issue simply upgrading your Orion instance.