1. Help Center
  2. Implementation, Deployment, and Security

CORS Whitelist

Note: This feature pertains only to Admin API running from a browser. If you need a CORS update in support of your Engine API traffic, please work with your account team to request this header in your domain settings.

Normally, browsers block client-side requests across different origins. To help you work around this restriction, SiteSpect has a Cross-Origin Resource Sharing (CORS) Whitelist, which adds specific headers to the SiteSpect server response that allow such cross-domain communication. Add your domain to the CORS Whitelist to prevent requests from being blocked. For example, if your application is located at mysite.com, add mysite.com to the CORS Whitelist. Click here for more information on CORS.

Note: You must have admin access to use this feature.

To set up a CORS Whitelist in SiteSpect:

  1. Select SystemSecurity, then CORS Whitelist from the left nav.

CORS Whitelist

  1. On the CORS Whitelist tab, enter a domain and click the plus sign (+) to add it to the approved list.

CORS Whitelist II

SiteSpect adds the domain to the list.

CORS Whitelist III

To delete a domain from the list, click the minus sign (-) in the Actions column.