Jump to content

Recommended Posts

Posted

I have an invision site (e.g. forum.mysite.com) and I want to enable it's forum RSS feed to be read by javascript inside the browser of a page on another site: other.mysite.com.  To do this requires that the invision site set the `Access-Control-Allow-Origin: other.mysite.com`.  Is this possible via configuration of the invision site?  Note that I'm using the hosted solution from invision.

Posted

ACP > System > Settings > Advanced Configuration

Under the "Server Environment" tab is a section called "Security".

Could contain: Page, Text, File, Webpage

After you make this change, you may need to clear your system cache and for any guests accessing the site, you may need to wait 15 minutes for any pages cached by the CiC CDN to clear.  

Make sure you fully trust this other site as this makes it possible for it to do some rather nasty things if that other site is compromised or anything similar.  

Posted

Hi @Randy Calvert.  Thank you for the response.  I see that this allows one to set the Content-Security-Policy HTTP header (a.k.a CSP), but there does not seem to be any way to set the Access-Control-Allow-Origin HTTP header (a.k.a. CORS).  This is slightly different.

Posted

Ive tagged devs on this to see if this is possible to do. 

In terms of hosting invision yourself, you would need a classic license in order to do this

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...