Enabling CORS - 23.1

Spectrum Addressing Guide

Version
23.1
Language
English
Product name
Spectrum Technology Platform
Title
Spectrum Addressing Guide
Copyright
2024
First publish date
2007
Last updated
2024-08-03
Published on
2024-08-03T03:54:19.080501

If you want to use an external web site to call Spectrum Technology Platform, Cross-Origin Resource Sharing (CORS) must be enabled. CORS prevents unauthorized web applications from stealing services from a server like the Spectrum Technology Platform. For more information, see the section "Enabling CORS" in your Spectrum Technology Platform Administration Guide.

  1. Go to the server/conf folder.
  2. Modify the following options in the spectrum.properties file.
  3. Set the spectrum.jetty.cors.enabled property to true. The default is false.
  4. Add your web server host name along with the port number to the spectrum.jetty.cors.allowedOrigins option.
    Note: CORS only requires secure web access from a localhost (for example, https://localhost:*).

    Non-secure access is allowed from a named server as shown in the following example:

    spectrum.jetty.cors.allowedOrigins=http://us-8qxyp12.pbi.global.pvt:82.

    In this example, us-8qxyp12.pbi.global.pvt is the machine name. The machine name is case sensitive so it is recommended that you check how your browser treats what you type. You need to change that to your server (machine) name. The :82 is the port on which the web server is running. You configure the port when setting up the web server. For more information, see Web Server.