Cross-Origin Resource Sharing (CORS)

In version 6.1.4, we’ve implemented a new option in the Global Settings that allows you to configure the CORS permission for your module images.

Cross-Origin Image Defaults

Select a Cross-Origin Resource Sharing (CORS) option for your module images in the Global Settings.

  • Unset – CORS is not used at all (Useful if your images are hosted on CDN networks).

  • Anonymous – A cross-origin request (i.e., with Origin: HTTP header) is performed. But no credential is sent (i.e., no cookie, no X.509 certificate, and no HTTP Basic authentication are sent). If the server does not give credentials to the origin site (by not setting the Access-Control-Allow-Origin: HTTP header), the image will be tainted and its usage restricted.

  • Use Credentials – A cross-origin request (i.e., with Origin: HTTP header) performed with credential is sent (i.e., a cookie, a certificate, and HTTP Basic authentication are performed). If the server does not give credentials to the origin site (through Access-Control-Allow-Credentials: HTTP header), the image will be tainted and its usage restricted.
Cross-Origin Resource Sharing (CORS)

The Author

KC

Strength does not come from winning. Your struggles develop your strengths. When you go through hardships and decide not to surrender, that is strength.

Liked this Post?
Please Share it!