CORS Headers
Websites usually consist of applications, images, fonts, and many other resources hosted on different servers on the internet. While CORS (Cross-Origin Resource Sharing) stands for cross-origin resource sharing, it is a mechanism that allows such resources hosted on different servers to be received with additional domain names. It aims to stretch the restrictions of Same-Origin-Policy (SOP), which prevents content delivery from different origins by using an additional domain name due to security measures, with legal methods.
Medianova CDN supports this feature for all CDN Resource types. You can manage this feature, which allows content delivery from different origin servers with the same domain name, by following the steps below.
You can access the Medianova cloud panel by logging in with your username and password at http://cloud.medianova.com .
You can reach CORS Header setting by clicking on the CDN Resource you would like to edit by following the CDN > CDN Resources path on the left side of the panel screen and navigating to Headers tab.
After turning on the status of the CORS Header feature, you can add the domains you want to allow for CORS and click on the Add CORS Header button to save changes. Example: http://www.domain.com .
The domains you add will be listed as shown below.
If the CORS Header feature is disabled, content cannot be received from different sources with different domain names. When content is requested from different sources, the content will not be served and will appear as a CORS error on the Development Tools console.
Activating CORS Header allows content to be received from different sources over additional domains. It is possible to define more than one additional domain. You can delete any previously defined additional domain name, as well. If no value is entered in the domain name field while enabling CORS header, the default setting is being set to *, which means requests from all sites and domains will be allowed. This operation is not recommended as it may create security vulnerabilities.
It may take a few minutes for the feature to be active, after adding domains and submitting the changes by clicking on the button.