Web Server Configuration for Cross Origin Resource Sharing (CORS)
Provides instructions on how to configure GridGuard server to support Cross Origin Resource Sharing (CORS). This is required for GridLite deployments where the grid will be queried for, from a different appliance.
Cross-origin resource sharing (CORS) is a mechanism that allows Javascript on a web page to make XMLHttpRequests to another domain, not the domain the Javascript originated from. Such "cross-domain" requests would otherwise be forbidden by web browsers, per the same origin security policy. CORS defines a way in which the browser and the server can interact to determine whether or not to allow the cross-origin request. It is more powerful than only allowing same-origin requests, but it is more secure than simply allowing all such cross-origin requests.
Pre-Requisites
1. Ensure Grid server is accessible from the client using it's FQDN
2. Ensure Grid server has a valid certificate installed. This solution will not work with self-signed certificates.
3. Must be using a recent version of a web browser. Supported versions include:
- Internet Explorer 8 or newer
- Firefox 3.5 or newer
- Safari 4 or newer
- Chrome 3 or greater
Edit Server Configuration
1. Launch an SSH session (putty) and connect to the GridGuard server
2. Edit file /etc/httpd/conf/gridguard-http-common.conf
Add directive Header set Access-Control-Allow-Origin * under section <Location /gridguard/rest/grid>
3. Execute command 'service httpd restart'