Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Operations Management Interface

Configure the origin header parameter for allowlist security

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
TABLE OF CONTENTS

Configure the origin header parameter for allowlist security

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedDec 03, 2024
  • 1 minute read

You can configure a parameter to allowlist the origin header field in incoming HTTP requests to the InTouch Access Anywhere Gateway. The Gateway will check for this parameter upon connection request to the host. If the "origin" HTTP header exists in the connection request, it will verify that it is in the list of trusted addresses. If there is no match, the Gateway will deny the connection request to the host.

Use the following parameter to allowlist the origin header field:

<add Key="OriginHttpHeaderWhitelistAddresses" value=""/>

where value is the Gateway IP address or node name. For example:

<add Key="OriginHttpHeaderWhitelistAddresses" value="http://10.3.92"/>

or

<add Key="OriginHttpHeaderWhitelistAddresses" value="http://Gatewaynodename"/>

If there is a load balancer or proxy server in front of the Gateway, then the value address in this parameter refers to the load balancer or proxy server. In this case, the address can be any URL. For example:

<add Key="OriginHttpHeaderWhitelistAddresses" value="http://URL"/>

For detailed information about HTTP origin header specifications, see section 7 and 8 of the Internet Engineering Task Force

TitleResults for “How to create a CRG?”Also Available in