OWACurrent en:CORS (Cross-Origin Resource Sharing)

Aus Cryptshare Documentation
(Weitergeleitet von OWACurrent en:72319925)
Wechseln zu:Navigation, Suche


CORS, Cross Origin Resource Sharing describes the process of receiving web resources, i.e. JavaScript files, CSS files, etc. from hosts other than the host where the original/main resources are hosted. This poses a security threat and is countered by the same-origin-policy (SOP) which avoids such requests.

Why is this important?

During work with the add-in, it can happen that the add-in tries to contact a Cryptshare Server (Server B) different to the one it is hosted on (Server A) as the user may have received a transfer from this server. As this is a CORS request, the user now would see an error screen:


In order to avoid this screen for future transfers and other users, the administrator of server B must add the requesting domain to the CORS configuration of their server.

CORS Configuration on server-side
Please go to 'Cryptshare for OWA' in the server manual for instructions on how to administer the CORS settings and more details about CORS.