Cross-Origin Resource Sharing (CORS)
The Cross-Origin Resource Sharing (CORS) configuration category includes the following configurable options:
CORS Enabled
CORS Origins
|
CORS Enabled |
|
|
BOOLEAN | |
Should this endpoint allow the use of CORS? Enable this item only if you understand what it is doing. | |
false
|
|
|
|
CORS Origins |
|
|
STRING | |
A comma-separated list of allowable origins for the CORS filter. For example: https://example.com, https://try.smilecdr.com:9201 . You may also use the wildcard value * to allow CORS for all domains, however this is generally not considered a good practice for production systems serving sensitive data.
|
|
*
|
|
|