Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Watchguard and Access Control Allow Origin

Posted on 2014-12-09
2
Medium Priority
?
3,094 Views
Last Modified: 2014-12-15
Our media department here uses an external service for streaming that includes live comments. However, when the live feed is running they have to manually refresh the browser to see that chat updates (and refreshing causes the hit count to go up therefore meaning we don't get an accurate count of people viewing the session). This does not occur if a user is not behind our firewall.
I've contacted the streaming host and they said to make sure one website was allowed (pubnub) and that's all that should be necessary but that didn't fix it. They then said I may need to "allow"  Access Control Allow Origin in the header fields in the appropriate policy. I went there and have no idea how to implement it. Is this the path I should be taking? They aren't familiar with Watchguard products.

I have an XTM510 running 11.8 and WSM 9

Thanks for any input you may have.
0
Comment
Question by:perkwerx
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 40491082
WG by default will block e.g. removes HTTP headers it considers dangerous, including Access-Control-Allow-Origin
http://www.garysieling.com/blog/dont-use-access-control-allow-origin

You may want to check out the pdf. Specifically is to under HTTP-proxy policy> Proxy Action > HTTP Response > Header Fields, to add "Access-Control-Allow-Origin:*" into it. Note that header fields not in the list are stripped by default.
(see "HTTP Response - General Settings" section)
http://www.watchguard.com/support/fireware_howto/83/HTTP_Proxy_OutgoingProxyAction.pdf

there is another EE reference that may be useful in configuring an HTTP-Server Proxy Action (though not specific to this use case) - http://www.experts-exchange.com/Software/Anti-Virus/Q_26374271.html#a33363331
0
 

Author Comment

by:perkwerx
ID: 40500881
Thanks for the information. Now I just need to decide if it's worth allowing (and I'm leaning to the "no" side).
Thank you!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out what's been happening in the Experts Exchange community.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question