Skip to main content

Cross-Origin Resource Sharing (CORS) configuration in InCountry

Adding CORS headers in REST API

You need to add CORS policies to access REST API from the browser. For doing this:

  1. Edit REST API service (or create a new one).

  2. Check the Allow Any Origin box or specify the Allow Origin List URL.

  3. When complete, click Update.

Adding CORS headers in Web Services

In some cases, you may have to override CORS policies that are proxied through the Web Services. For doing this:

  1. Edit the Web Services endpoint.

  2. Check the Enable CORS box.

  3. Specify the Access-Control-Allow-Origin header.

  4. Save the Web Services endpoint.

info

If you don’t override CORS headers through the Web Services endpoint but specify them on your application backend, then Web Services will just proxy request with their CORS headers to your application frontend from the backend.

info

If you don’t override CORS headers through the Web Services endpoint and don’t specify them on your application backend, then Web Services will apply the default headers, as follows:

Access-Control-Allow-Origin: '*' Access-Control-Allow-Credentials: 'true' Access-Control-Allow-Headers: 'Origin, Content-Type, Accept'