OWACurrent en:Server side Settings

Aus Cryptshare Documentation
Version vom 29. Januar 2024, 12:47 Uhr von Meutern (Diskussion | Beiträge) (adding screenshots)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu:Navigation, Suche

Cross-Origin Resource Sharing (CORS)

CORS configuration is handled on the Cryptshare Server.
To avoid encountering this error, please refer to the Cryptshare Server Manual. To grant access to an external server through the add-in, the administrator of said server must add the requesting domain to the CORS configuration of their server.

Explanation

Cross-Origin Resource Sharing, abbreviated as CORS, refers to receiving web resources like JavaScript, CSS files, etc. from other hosts than the one where the original resources are hosted. CORS poses a security threat, and is usually blocked by the Same-origin Policy (SOP). While using the Cryptshare for OWA add-in, it may occur that the add-in will attempt to contact a different Cryptshare Server ("Server B" henceforth) than the one hosting the add-in (Server A henceforth), e.g. to retrieve transfer data. If the CORS policies of Server B do not include Server A, the add-in will display an error screen similar to this:

OwaCORSErrorScreen.png

In order to alleviate this issue, the administrator of Server B must add Server A's URI to their CORS settings.

Error Analysis, Support & Logging

In order to allow administrators easier access to error logs, it is possible to configure OWA to send its logs to the Cryptshare Server.

Please refer to the relevant Cryptshare Server Manual article for detailed instructions on how to set up remote logging.

SSL/HTTPS is mandatory.
Please note that without SSL/HTTPS, remote logging will be nonfunctional, as it is required to create the underlying server connection. Any errors can only be viewed on the error screen or the browser console, accessed by pressing F12 / Ctrl+Shift+I.

SSL & HTTPS Access

The Cryptshare for OWA add-in must be served through HTTPS to function, as is the case for any other OWA add-in. Please ensure that:

  • The base URL of the Cryptshare Server starts with https://.
  • HTTPS redirect is activated on the Cryptshare Server.
  • The manifest URL provided by the server starts with https://.
  • A valid/trusted SSL certificate is installed on the Cryptshare Server.
  • In case custom certificates not created by an official authority are used, the SSL certificate served by the Cryptshare Server must be correctly installed on the client. Please note that granting a "security exception" in the browser in lieu of this will not suffice.

If any of these preconditions are not fulfilled, the add-in cannot function, users will be met with an SSL error, and this error screen will appear:

OwaGenericError.png
Abgerufen von „https://documentation.cryptshare.com/w/index.php?title=OWACurrent_en:Server_side_Settings&oldid=38628