Revision as of 14:04, April 1, 2015 by Jumunn (talk | contribs)
Jump to: navigation, search

CORS Filter

This is part of the Deployment Guide for the Genesys Web Services.

Overview

Genesys Web Services supports Cross Domain (CORS) Filter, which allows applications to requested resources from another domain. For more information on CORS Filter, please refer to http://en.wikipedia.org/wiki/Cross-origin_resource_sharing.

Configuration

Genesys Web Services provides configuration options for CORS Filter which includes system wide configuration applying to all contact centers. Each contact center can also provision its allowOrigins.

Parameters

Edit the server-settings.yaml file and define the following parameters under crossOriginSettings:

Name Type Description Default Required
allowedOrigins String String of allowed origins supported by this node. For example: 
http://*.genesys.com, http://*.genesyslab.com
 empty N
allowedMethods String HTTP methods supported by the server. GET,POST,PUT,DELETE,OPTIONS N
allowedHeaders String Access-Control-Allow-Headers header as part of the response to a pre-flight request which specifies which header field names can be used during the request. X-Requested-With,Content-Type,Accept,Origin,Cookie,authorization,ssid,surl,ContactCenterId,X-CSRF-TOKEN N
allowCredentials String Value of the Access-Control-Allow-Credentials header. This should typically be left at the default value. true N
corsFilterCacheTimeToLive Number Values of delay after contact center allowDomain updating takes effect. 120 N
exposedHeaders String Configures what custom headers are allowed in cross-origin HTTP responses. This value should not need to be modified from the default. X-CSRF-HEADER,X-CSRF-TOKEN N

Example 

crossOriginSettings:
    corsFilterCacheTimeToLive: 120
    allowedOrigins: https://*.salesforce.com, https://*.force.com, http://127.0.0.1:9090
    allowedMethods: GET,POST,PUT,DELETE,OPTIONS
    allowedHeaders: "X-Requested-With,Content-Type,Accept,Origin,Cookie,authorization,ssid,surl,ContactCenterId,X-CSRF-TOKEN"
    allowCredentials: true
    exposedHeaders: "X-CSRF-HEADER,X-CSRF-TOKEN"


Next Step

Comments or questions about this documentation? Contact us for support!