Enabling CORS - 23.1

Spectrum Dataflow Designer Guide

Version
23.1
Language
English
Product name
Spectrum Technology Platform
Title
Spectrum Dataflow Designer Guide
First publish date
2007
Last updated
2024-05-09
Published on
2024-05-09T23:01:03.226155

If you want to use an external web site to call Spectrum Technology Platform, Cross-Origin Resource Sharing (CORS) must be enabled. CORS prevents unauthorized web applications from stealing services from a server like the Spectrum Technology Platform. For more information, see the section "Enabling CORS" in your Spectrum Technology Platform Administration Guide.

  1. Go to the server/conf folder.
  2. Modify the following options in the spectrum.properties file.
  3. Set the spectrum.jetty.cors.enabled property to true. The default is false.
  4. Add your web server host name along with the port number to the spectrum.jetty.cors.allowedOrigins option.
    Note: CORS only requires secure web access from a localhost (for example, https://localhost:*).

    Non-secure access is allowed from a named server as shown in the following example:

    spectrum.jetty.cors.allowedOrigins=http://us-8qxyp12.pbi.global.pvt:82.

    In this example, us-8qxyp12.pbi.global.pvt is the machine name. The machine name is case sensitive so it is recommended that you check how your browser treats what you type. You need to change that to your server (machine) name. The :82 is the port on which the web server is running. You configure the port when setting up the web server. For more information, see Web Server.