In order to have running our software for all clients, considering every browser has different requirements, some headers should be set on the server configuration. It is not mandatory but some browsers (not all versions) can not allow loading all our assets if these headers are not present (especially on nonsecure websites). Mainly, problems may happen because our software wants to try to load some files from a different server (our cobrowser.com server) than the origin (client website server). Browsers don't allow load some file types from a non secured servers if client server does not specify it (cross-origin resource sharing or CORS).
Due to this fact, the server should include the following configuration. Because there are mainly two kinds of HTTP servers, here it is explained for Nginx and Apache servers. If your server is not one of these types, contact with support@cobrowser.net and our team can be supplied all configuration needed.
- NGINX servers
In case your server is Nginx, go to the site configuration (usually under /etc/nginx/sites-available/ route), and open the file for adding the next lines:
|
set $cors ''; if ($cors = 'true') { |
- APACHE servers
In case your server is Nginx, go to the site configuration (usually under /etc/nginx/sites-available/ route), and open the file for adding the next lines:
| <IfModule mod_headers.c> Header set Access-Control-Allow-Origin: http://app.cobrowser.com Header set Access-Control-Allow-Origin: https://app.cobrowser.com env=HTTPS Header set Access-Control-Allow-Methods: GET Header set Access-Control-Allow-Credentials: true Header set Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type </IfModule> |
After saved the changed on the config file, restart or reload the server to have it running with CORS enable for cobrowser domain.
If there is any doubt or issue implementing it, please write to support@cobrowser.net
Comments
0 comments
Please sign in to leave a comment.