Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 2 Current »

This section describes how secure a Digizuite installation using CORS.

Recommendation

Digizuite is recommended to have CORS setup in order to avoid malicious requests.

CORS can be enabled by editing Digizuite web.config and adding the following line under appSettings:

<add key="Access-Control-Allow-Origin" value="https://allowed_1.example.com https://allowed_2.example.com https://allowed_3.example.com" />

If the installation is running under a non standard port it should be specified as well

<add key="Access-Control-Allow-Origin" value="https://allowed_1.example.com:888 https://allowed_2.example.com:889 https://allowed_3.example.com:890" />

The recommended value should contain the URL of the Digizuite installation and the domains of the additional applications/integrations:

<add key="Access-Control-Allow-Origin" value="https://dc.digizuite.com https://mm.digizuite.com https://other-client-intergation-app.digizuite.com" />
  • No labels