Overview
The Web settings panel allows you to configure the Cross-Origin Resource Sharing (CORS) headers sent by Apache.
Cross-Origin Resource Sharing is a security feature that instructs web browsers to prevent code from accessing a server’s responses from a remote origin. If not allowed, CORS may prevent external web applications not hosted on the CueServer from accessing the CueServer’s files or API’s. In most cases, CORS should be left disabled unless specifically needed.
The configuration options are:
- Do Not Allow – deny all cross-origin requests to CueServer (default).
- Allow All – allow all cross-origin requests, from any origin.
- Allow Origin – deny all cross-origin requests, except from the specified origin (i.e. ‘localhost’, or ’192.168.2.100’).