HTTP¶
The HTTP key-value store is a root key-value store for accessing regular HTTP servers.
URL syntax¶
http://host/pathhttps://host/pathhttps://host/path?query
Capabilities¶
Supported if the server supports HTTP range requests. |
|
Supported if the server supports:
|
CORS¶
If the HTTP URL refers to a different origin
than that from which the Neuroglancer client itself is hosted, the specified
host must be configured to allow cross-origin requests.
The recommended CORS headers are:
access-control-allow-origin: *access-control-expose-headers: *
Alternatively, more specific CORS headers may be used:
access-control-allow-origin: https://{neuroglancer-host}access-control-expose-headers: content-range, content-encoding
Warning
CORS headers can allow malicious websites to access data on servers that are accessible to the public internet, including servers listening only on localhost. Any private data should be protected by appropriate access control mechanisms such as capability URLs.
http:// access from https:// origin¶
Note that because of mixed content blocking in
modern browsers, if the Neuroglancer client itself is served from an
https:// origin (e.g. https://neuroglancer-demo.appspot.com),
Neuroglancer cannot access data sources using http:// URLs, only
https://) URLs are allowed. However, data sources served from
http://127.0.0.1[:PORT] (on Chrome and Firefox) and
http://localhost[:PORT] (on Chrome) are allowed by exceptions to the
normal mixed content blocking.
If the Neuroglancer client is served from an http:// origin, data sources
served from both http:// and https:// URLs are supported.
Query parameters¶
If the server requires query parameters (e.g. an access token), they may be
specified as https://host/path?query.
Note
When query parameters are specified for a directory, e.g.
https://host/dataset.zarr/?query, they will also be used for all
files accessed within that directory.