This section describes how secure a Digizuite installation using CORS.
| Info |
|---|
|
Digizuite is recommended to have CORS setup in order to avoid malicious requests. |
CORS can be enabled by editing Digizuite web.config and adding the following line under appSettings:
| Code Block |
|---|
|
<add key="Access-Control-Allow-Origin" value="https://allowed_1.example.com https://allowed_2.example.com https://allowed_3.example.com" /> |
If the installation is running under a non standard port it should be specified as well
| Code Block |
|---|
|
<add key="Access-Control-Allow-Origin" value="https://allowed_1.example.com:888 https://allowed_2.example.com:889 https://allowed_3.example.com:890" /> |
The recommended value should contain the URL of the Digizuite installation and the domains of the additional applications/integrations:
| Code Block |
|---|
|
<add key="Access-Control-Allow-Origin" value="https://dc.digizuite.com https://mm.digizuite.com https://other-client-intergation-app.digizuite.com" /> |