Addendum: Enabling Cross-Origin Resource Sharing
Note:The following content describing functionality introduced in Code Insight 2021 R2 was not included in the 2021 R2 user documentation. However, it will be made a available as part of the user documentation at a future date.
CORS (Cross-Origin Resource Sharing) is an HTTP-header-based tool that allows secure cross-origin requests and data transfers between browsers and servers. Cross-origin situations occur when the Web location from which a request originates is different from the Web location of the server to which the request is sent. Cross-origin locations can differ in scheme (HTTP or HTTPS), domain (such as mylocation.com versus yourlocation.com), or port.
For example, if you have created a script or application that makes Code Insight REST API calls, these calls will most likely result in errors if the script resides at a Web location different from Code Insight Core Server web location.
To enable a secure, successful exchange of requests and responses in a cross-origin scenario, you need to set up a CORS filter on the Code Insight Core Server. This filter identifies the origins (clients) from which the Core Server (server) will accept requests and specifies the types of headers and HTTPS methods that the server will support in the requests.
The following sections describe how to configure the CORS filter:
| • | Configuring the CORS Filter |
| • | CORS Initialization Parameters |
| • | Identifying Origins for the cors.allowed.origins Initialization Parameter |
| • | About HTTP Headers |