Watchguard and Access Control Allow Origin

Our media department here uses an external service for streaming that includes live comments. However, when the live feed is running they have to manually refresh the browser to see that chat updates (and refreshing causes the hit count to go up therefore meaning we don't get an accurate count of people viewing the session). This does not occur if a user is not behind our firewall.
I've contacted the streaming host and they said to make sure one website was allowed (pubnub) and that's all that should be necessary but that didn't fix it. They then said I may need to "allow"  Access Control Allow Origin in the header fields in the appropriate policy. I went there and have no idea how to implement it. Is this the path I should be taking? They aren't familiar with Watchguard products.

I have an XTM510 running 11.8 and WSM 9

Thanks for any input you may have.
perkwerxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
WG by default will block e.g. removes HTTP headers it considers dangerous, including Access-Control-Allow-Origin
http://www.garysieling.com/blog/dont-use-access-control-allow-origin

You may want to check out the pdf. Specifically is to under HTTP-proxy policy> Proxy Action > HTTP Response > Header Fields, to add "Access-Control-Allow-Origin:*" into it. Note that header fields not in the list are stripped by default.
(see "HTTP Response - General Settings" section)
http://www.watchguard.com/support/fireware_howto/83/HTTP_Proxy_OutgoingProxyAction.pdf

there is another EE reference that may be useful in configuring an HTTP-Server Proxy Action (though not specific to this use case) - http://www.experts-exchange.com/Software/Anti-Virus/Q_26374271.html#a33363331
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
perkwerxAuthor Commented:
Thanks for the information. Now I just need to decide if it's worth allowing (and I'm leaning to the "no" side).
Thank you!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.