Enable and Configure Cross-Origin Resource Sharing (CORS)



The allowed_hosts setting accepts an array of URIs that define hosts that can participate in Cross-Origin Resource Sharing (CORS). It also defines which host can embed our application in an <iframe>, <frame>, or <object> tag on a web page. (See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options for more information.) Host is intentionally singular since the X-Frame-Options header can only contain one entry. The first host in the list will be used as the value for this header.

The example appSettings.json entry below specifies that "http://example.com" may participate in CORS and can embed the DryvIQ Platform on one of its own web pages.

*NOTE: The brackets are required

1 2 3 4 5 ... "server": { "proxy_url": "http://your.ip.address:9090/", "allowed_hosts": ["http://example.com"] }


Update the Manager's appSettings.json file with appropriate allowed_hosts entrie(s) and restart your Manager service.

See https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS for detailed information on CORS and how it works.