Zoomdata Version

Enabling Cross-Origin Requests with CORS Settings

Overview

Cross-origin resource sharing (CORS) is a new standard introduced in HTML 5 that allows web applications to use HTTP headers to specify which origins are permitted to request resources on the server. Modern web browsers will consult the Access-Control-Allow-Origin header on how to relax the same origin policy for a given page. By default, this setting was disabled starting version 1.5.0SR1 due to security vulnerability concerns. However, CORS can be enabled for certain or all domains by editing the zoomdata.properties file (located in /etc/zoomdata).

To modify cross-origin request permissions:

  1. Log out of Zoomdata, if you are still in the program and close the browser.
  2. From your terminal, open a command line session.
  3. Connect to your Zoomdata Server via a command prompt.
  4. Stop the Zoomdata Server service:
sudo service zoomdata stop
  1. Use the following command to access and open the zoomdata.properties file:
vi /etc/zoomdata/zoomdata.properties
If the .properties file does not exist, this command will create the file.
  1. Add the following variable into the file on a new line:
access.control.allow.origin=*

The * will open CORS for all domains. If you want to specify specific domains, replace the * with the appropriate domain name. Please refer to your Tomcat documentation to verify the appropriate syntax to use.

Save the document using vi's standard commands.

Restart Zoomdata server after making this change and also make sure to clear your browser cache.