imported>Hartwigr |
|
| Zeile 1: |
Zeile 1: |
|
| | #REDIRECT [[{{NAMESPACE}}:Server_side_Settings#Cross_Origin_Resource_Sharing_(CORS)]] |
| | |
| -----
| |
| | |
| = General =
| |
| CORS, Cross Origin Resource Sharing describes the process of receiving web resources, i.e. JavaScript files, CSS files, etc. from hosts other than the host where the original/main resources are hosted. This poses a security threat and is countered by the same-origin-policy (SOP) which avoids such requests.
| |
| == Why is this important? ==
| |
| During work with the add-in, it can happen that the add-in tries to contact a Cryptshare Server (Server B) different to the one it is hosted on (Server A) as the user may have received a transfer from this server. As this is a CORS request, the user now would see an error screen:
| |
| | |
| [[File:72319928.png]] | |
| | |
| In order to avoid this screen for future transfers and other users, the administrator of server B must add the requesting domain to the CORS configuration of their server.
| |
| {{InfoBox|title=CORS Configuration on server-side|content=Please go to '[https://wiki.cryptshare.com/display/CSM/Cryptshare+for+OWA Cryptshare for OWA]' in the server manual for instructions on how to administer the CORS settings and more details about CORS. | |
| }}
| |
| | |
| -----
| |