We have built a custom browser guide with some of the most commonly used queries to make it easier for beginners to get to the data. But for some reason, the :play is failing. Its not a permission problem ( we set that to 777 early on ) and we have checked the format ( the page comes up in browser).
We placed it in /var/www/html
When we type :Play walkingtour ( or any variant, .html etc etc )
we get ERROR Remote Guide Error
TypeError: Failed to Fetch
Any idea ?
My first guess is a cross origin resource sharing (CORS) configuration issue.
I setup a guide earlier and found "The CORS configuration required was disabled on all the web servers I tried, I'm guessing it is normally and generally disabled by default."
This post may be helpful.
We did try that. It is actually installed right on the server in the HTML directory used by http. We also tried it on the data drive, and the root. I think in the last month its been everywhere without any success.
Good thought though
To the best of my knowledge, this advice still applies, if you haven't already, you'll need to allow (through configuration) the cross origin request or it will be rejected by that web server, even if they are on the same physical computer. They are on different ports, and different web server processes, I might try to narrow the CORS setting for only web servers on the same host, but still required.
Ok - I did warn you This from our tech leader. Please excuse his humor.. he tends to be a bit dry but he also tends to be very thorough.
With regard to CORS - would you believe I visited all of those pages on 2/26/20 - as my browser helpfully tells me - and got exactly nowhere? Will dig further and see if there are any updates.
And, would you believe people have been bitching about this since 2015 both on the GitHub Neo4j page and on Neo4j’s own forums? My favorite comment on GitHub was : “IMO, this doesn't make sense to make any changes to support unstable APIs.”
Where CORS enablement seems to belong - if I read the W3.org spec correctly - is in the browser site definition files. Neo4j uses the Bolt browser and provides no information on where to place the directive. They do correctly note that the directive needs to be present…they just don’t tell you where to put it.
3 # Value of the Access-Control-Allow-Origin header sent over any HTTP or HTTPS
2 # connector. This defaults to '', which allows broadest compatibility. Note
1 # that any URI provided here limits HTTP/HTTPS access to that URI only.
So, it should work. In my opinion, Neo4j is not passing this config along to the Bolt browser. But, researched, solved as documented, it should suck in anything we want from anyplace we want. If I were to make a suggestion to them it is that this parameter is incorrectly passed to Bolt./
browser.remote_content_hostname_whitelist=* is the corresponding config which says take anything from anywhere - which also appears in our config. It is documented by Neo4j here:
With great relief I can therefore assert that I pass the drooling idiot test vis a vis Neo4j documentation yet again. I would bet money they have their guides location hard coded in someplace which is why their guides :PLAY
What web server (and version) you are using ngnix? apache? If the below doesn't solve it for you I might want to take a stab at the config myself just for fun (this was already on my long "if only I had time list"). From what I've read every web server does CORS config a little different, so I should use the same web server. I do use docker, so I should be able to spin up most any (free) web server next to a neo4j (in docker as well) easily.
For setting up a guide, here are the basic steps I went through
- added my site to the neo4j white list the location in the neo4j config, for example if they are on the server whereguidesare.org
- I did not touch dbms.security.http_access_control_allow_origin (as with every setting, it could cause problems if not set correctly, just a thought)