Content Application Developer Manual / Version 2506.0
Table Of ContentsAccess-Control-Allow-Origin
This solution is built into the CoreMedia Blueprint workspace, so you may use it out of the box. The idea
is to customize the same origin policy by setting the Access-Control-Allow-Origin HTTP header
accordingly.
The allowed origins can be configured via the properties cors.allowed-origins-for-url-pattern[*]
or cors.allowed-origin-patterns-for-url-pattern[*].
cors.allowed-origins-for-url-pattern[{path\:.*}]= \
http://my.site.domain1,https://my.site.domain2
To fine-tune the configuration for Cross-Origin Resource Sharing (CORS), use the provided
cors.* configuration properties. See
Section 3.15.1, “CORS Properties” in Deployment Manual.
