Enable Cross-Origin Resource Sharing (CORS)
To allow resource sharing between a browser application that integrates with Oracle Content and Experience Cloud but is hosted in a different domain, perform the following steps:
-
After you sign in to the Oracle Content and Experience Cloud web application as an administrator, click Settings in the Administration area of the navigation menu.
-
In the Settings menu, click Security.
-
Under CORS (Cross-Origin Resource Sharing), enter the domains in the appropriate CORS origins text box in the format http[s]://domainname.com. Separate entries with a comma. For example, to enable CORS for an app on your server, enter a value similar to the following in both the Back Channel CORS Origins and Front Channel CORS Origins boxes:
https://www.example.com/app
If you use a custom domain URL, enter the custom URL as well.
-
When you are done, click Save.
Do not use * as an origin value; it allows access from all hosts.
Security measures vary between different browsers and different browser versions. See http://www.w3.org/TR/UISecurity/
.
The CORS settings apply to all Oracle Content and Experience Cloud calls (documents, social, and content as a service).