If you create web-based GIS websites
without using the browser plug-in that provides ECWP ability you need to be aware of something very important.
All modern web browsers impose a security restriction that prevents a script or application from making a connection to any web server other than the one the web page originally came from.
So, if your JavaScript file comes from
http://iws.erdas.com/ it can only talk to resources from
http://iws.erdas.com/.
It cannot access resources from another domain like
http://www.yahoo.com/ or even
http://www.erdas.com/ .
This can present a challenge when we use a purely HTML and JavaScript front-end to imagery or GIS data. We may have these resources on different servers and domains. For example, I might serve my web page (html, JavaScript, etc) and imagery from one server, but my GIS information from a different server. Given the above limitation, this isn't available by using just a browser. So, how do we get around this.
To be able to request data from a source apart from the scripts orginating domain, we use "server-side proxys". These server-side applications reside on the domain that the javascript is served from. They essentially "complete" the request of the script that it isn't able to do.
For example, my script from
http://iws.erdas.com/ would talk to a server-side proxy on the same machine, and this server-side proxy would request the data on the scripts behalf. Once the server-side proxy has the information, it gives it back to the script.
This is common in many new web applications, where information is required from a number of different domains.
In Image Web Server, it is important to add any website that you want to access data from to the list of "allowed domains" in the proxies list. Only domains that are in this list will be communicated with via the server-side proxy. It is obviously sensible to restrict access to this proxy server.
If you use the ECWP browser plug-in, you don't have to worry about this. The plug-in operates under a different security context and can request information from different domains, without having to go through a proxy.
For websites developers
If you are creating websites on your local test machine, you need to make sure that you have access to a server-side proxy there, as well as your production machine. You would be able to install IWS on your local machine and use its built in server-side proxy, even if it is running in its "free-mode".
Diagrams sourced from:
http://developer.yahoo.com/javascript/howto-proxy.html#why