Contains the cross-origin resource sharing mechanism settings.
This element is optional.
Path
ServerSettings > CORS
Attributes
This element has no attributes.
Nested elements
This element is a container for the following nested elements:
Specifies the list of origins (IP addresses or host names with a protocol) to which an access to the kavhttpd service must be provided.
Possible values:
*
This value allows any origin to access the kavhttpd service.
Kaspersky Scan Engine in HTTP mode may receive an HTTP request with the Origin
header field which contains the IP address or host name that initiates the request. If the HTTP mode configuration file contains one or more AccessControlAllowOrigin
elements, the value of the Origin
header field is mapped to the values defined in these elements. The following results are possible:
Origin
header field matches at least one of the AccessControlAllowOrigin
element valuesIn this case, the value of the Origin
header field will be specified in the Access-Control-Allow-Origin
field of the response header.
In this case, Access-Control-Allow-Origin
will contain the https://scanengine.kaspersky.com
value.
AccessControlAllowOrigin
element contains the *
valueIn this case, the Access-Control-Allow-Origin
field of the response header will contain the *
value regardless of the Origin
header field value.
If the request does not contain the Origin
header field, the kavhttpd service processes it in the standard way.
Example
The following is an example of this element.
<CORS> <AccessControlAllowOrigin>http://example.com</AccessControlAllowOrigin> <AccessControlAllowOrigin>https://kaspersky.com</AccessControlAllowOrigin> </CORS> |