Is it possible to set Access-Control-Allow-Origin to the IP of the client making the request instead of “" (not hard-coded to a specific IP, but set dynamically depending on the IP of the client)? We’re looking into using a load balancer which utilizes sticky sessions with cookies, and CORS doesn’t allow cookies to be sent in Javascript HTTP requests when Access-Control-Allow-Origin is set to "”.

Thanks!

Is it possible to set Access-Control-Allow-Origin to the IP of the client making the request instead of “" (not hard-coded to a specific IP, but set dynamically depending on the IP of the client)? We’re looking into using a load balancer which utilizes sticky sessions with cookies, and CORS doesn’t allow cookies to be sent in Javascript HTTP requests when Access-Control-Allow-Origin is set to "”.

Thanks!

I think I figured it out. I added this to a custom module:

httpSession.setUserHTTPHeader(“Access-Control-Allow-Origin”, httpSession.getHTTPHeader(“origin”));

And it seems to do what I need. (I actually needed origin, not client IP!)

Hi,

That’s great news, thanks for the update.

Regards,

Jason