close

Filter

loading table of contents...

Content Application Developer Manual / Version 2301

Table Of Contents

4.3.1.8 Solution for the Same-Origin Policy Problem

Access-Control-Allow-Origin

This solution is built into the CoreMedia Blueprint workspace, so you may use it out of the box. The idea is to customize the same origin policy by setting the Access-Control-Allow-Origin HTTP header accordingly. The allowed origins can be configured via the properties cae.cors.allowed-origins-for-url-pattern[*].

cae.cors.allowed-origins-for-url-pattern[{path\:.*}]= \
    http://my.site.domain1,https://my.site.domain2

To fine-tune the configuration for Cross-Origin Resource Sharing (CORS), use the provided cae.cors configuration properties. See CaeHandlerServicesConfiguration#caeCorsConfigurations(CaeCorsConfigurationProperties,ObjectProvider), CaeCorsConfigurationProperties and Section 3.1.4, “CORS Properties” in Deployment Manual.

Search Results

Table Of Contents
warning

Your Internet Explorer is no longer supported.

Please use Mozilla Firefox, Google Chrome, or Microsoft Edge.