Skip to main content

Configure Valid Whitelist

To communicate with the mounted document and be able to call APIs to operate the document, whitelist configuration must be performed, otherwise the document will refuse to respond to API requests.

For example, zOffice is deployed at http://172.16.22.98, and now you need to mount the document http://172.16.22.98/docs/app/thirdparty-rest/1347466381985058817/edit/content?zdocs_access_token=653b90d845a785e3c69aeba on the page http://172.16.22.99:8001/index.html.

Then, you need to add environment variables on server 172.16.22.98

Add to the zdocs.env file:

LS_WEBRESOURCE_WHITEORIGINS=http://172.16.22.99:8001

This way, communication can be established, and API requests initiated from http://172.16.22.99:8001/index.html can get responses from the document http://172.16.22.98/docs/app/thirdparty-rest/1347466381985058817/edit/content?zdocs_access_token=653b90d845a785e3c69aeba.

Notes

  • Multiple addresses are separated by commas, for example:

    LS_WEBRESOURCE_WHITEORIGINS=http://172.16.22.99:8001,http://172.16.22.99:8002

  • The structure of each address is: protocol + IP/domain + port, which is consistent with the cross-origin standard.

  • If the mounted page is accessed through a domain name, the whitelist configuration should be in the format of protocol+domain, for example: http://www.test.com

  • When the mounted page is deployed on the default port, for example, the default port of http protocol is 80, and the default port of https protocol is 443, when accessing the page, the browser address bar does not display the port number, then the whitelist configuration should not add single quotes, for example: http://172.16.22.99

  • During the testing phase, you can directly set LS_WEBRESOURCE_WHITEORIGINS=* to adapt to any third party

Last updated on