How to use Nginx web server for reverse proxy between ASP.NET web app and Orthanc server?

[Si Thu Kyaw]

I am trying to use Orthanc (open-source) dicom server to manage my dicom files. I have an ASP.NET MVC 5 application that contains Cornerstone (Dicom Viewer) javascript library to load and view the dicom files from Orthanc's Web API.

The problem is whenever the Cornerstone javascript library make XHR request to Orthanc server, the Cross Origin Resource Sharing related error. i.e; "No 'Access-Control-Allow-Origin' header is present on the requested resource" occurs.

As in the Orthanc offical documentation, I found that one of the ways to resolve the CROS problem is setting up an reverse proxy server. So, I install Nginx server.

The expected request processes are as follow;

- ASP.NET MVC client at localhost:33488/index.html makes XMLHttpRequest to Proxy Server Listening at localhost port 8082

- The proxy server then passes the request to the Orthanc Web API at localhost:8042/ with require CORS headers

but it is still couldn't resolve the CORS problem.

This is my Nginx proxy server configurations.

================================================

    #proxy-server

server {

        listen 8082;

server_name localhost;

location /instances/{

proxy_pass http://127.0.0.1:8042/instances;

access_log  logs/access.log;

proxy_set_header HOST $host;

proxy_set_header X-Real-IP $remote_addr;

rewrite /instances/(.*) $1 break;

add_header 'Access-Control-Allow-Credentials' 'true';

add_header 'Access-Control-Allow-Headers' 'DNT, X-CustomHeader, Keep-Alive, User-Agent,X-Requested-With,If-Modified-Since, Cache-Control, Content-Type';

add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';

add_header 'Access-Control-Allow-Origin' '*';

}

}

Thanks.

[Alain Mazy]

To avoid the CORS problems, your orthanc server and your ASP.Net application should be available on the same port.  

Here, you still have your ASP.Net app on port 80 and your orthanc app on port 8082.

I think you should also configure a reverse proxy for your ASP.Net app so the they are both on the same port.

Your app should use '/instances' as the base url for orthanc and not 'http://localhost:8082/instances'

Here is a sample nginx config we use with a django app served on port 9750:

server {

    listen 80;

    # server_name example.org;

    charset utf-8;

    root /var/www/apps/webApp;  #the static files

    location / {

    }

    location /api/ {  #the django app

        proxy_pass http://127.0.0.1:9750;

        rewrite /api(.*) /$1 break;

    }

    location /orthanc { #the orthanc app

        rewrite /orthanc(.*) /$1 break;

        proxy_pass http://127.0.0.1:8042;        

        proxy_set_header Host $host;

        proxy_set_header X-Real-IP $remote_addr;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    }

}

--

Alain Mazy / CTO 
a...@osimis.io / +32 494 31 67 27

	OSIMIS S.A.  Rue bois Saint-Jean 15/1BE-4102 Seraing  www.osimis.io

[Si Thu Kyaw]

Thank you Alain Mazy,

Thanks for the useful information. I am going back to project to test the way you advice. :)

 

[Si Thu Kyaw]

I updated the Ngnix proxy server configuration and everything is currently working fine for local server but I haven't tasted for remotely hosted servers.
I didn't change anything for CORS support in IIS and my Asp.Net MVC application config.

The updated Ngnix's config file (nginx.conf) was as follow;

#proxy-server
    server    {
       
        listen 8082;
        server_name default_server;
       
       
        location /orthanc/{
            access_log  logs/access.log;
            proxy_pass http://localhost:8042;

            proxy_set_header HOST $host;
            proxy_set_header X-Real-IP $remote_addr;

            rewrite /orthanc(.*) $1 break;

           
           
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Origin' '*';
           
       
           
        }
       
    }

The XHR request from the Cornerstone library is like this:

http://localhost:8082/orthanc/instances/d0630585-b29faf47-cf580bcc-31268167-b557b3c9/file;

Now it works as expected, the Nginx proxy server was updated the required CORS header information and passed to Orthanc REST API. Then Orthanc server now response with required dicom file.