This presentation is Part 33 of the EWD 3 Training Course. It explains how to configure your QEWD system to enable Cross Origin Resource Sharing (CORS)

1. Copyright © 2016 M/Gateway Developments Ltd
EWD 3 Training Course
Part 33
Configuring QEWD to use
CORS
Rob Tweed
Director, M/Gateway Developments Ltd
Twitter: @rtweed

2. Copyright © 2016 M/Gateway Developments Ltd
What is CORS?
• Cross-Origin Resource Sharing (CORS) is a
mechanism that allows resources on a web
page to be requested from another domain from
the one that served up the original page
• The browser normally limits any Ajax requests to be
access the same domain from which the containing web
page was originally fetched
• Although this is normally sensible security practice, in
certain circumstances, you'll want to be able to break
free of this restriction
– That's when you need CORS

3. Copyright © 2016 M/Gateway Developments Ltd
Enabling CORS in QEWD
• Simple change to your QEWD startup file
– Add cors property to config object
– Set its value to true

4. Copyright © 2016 M/Gateway Developments Ltd
Edit your QEWD Startup File
var config = {
managementPassword: 'keepThisSecret!',
serverName: 'My QEWD Server',
port: 8080,
poolSize: 2,
database: {
type: 'cache',
params: {
path: 'c:InterSystemsCache2015-2mgr’
},
cors: true
}
};
var qewd = require('qewd').master;
qewd.start(config);

5. Copyright © 2016 M/Gateway Developments Ltd
Restart QEWD
• Static files (eg HTML, JavaScript, CSS)
files will now be returned with the following
HTTP headers added:
• Access-Control-Allow-Origin: *
• Access-Control-Allow-Headers: 'Origin, X-Requested-With, Content-
Type, Accept'