Info |
---|
This Admin Instruction explains how to configure a domain whitelist to protect the PBX from cross-site request forgery (CSRF) attacks. Created: April 2018 Updated: June 2018 WMS Version: 3.88 May 2024 Permalink: https://confluencewildix.wildixatlassian.comnet/wiki/x/SwBuAQdAvOAQ |
Warning |
---|
IMPORTANT: Trusted domains must be added to a domain whitelist! Please note that any Web API / PBX API integration will stop working if the domain is not added. |
Warning |
---|
If you are using Firewalls, make sure the following pool of IP addresses is present in your Whitelist for access to Wildix microservices: 3.122.16.10 |
Introduction
The main purpose of adding domains to a whitelist is to protect PBX from cross-site request forgery (CSRF) attacks.
...
To allow such interactions, cross-origin resource sharing (CORS) is used. It is a standard that allows cross-domain requests. CORS can be defined as a set of headers that let a browser and a server communicate about which requests are and are not allowed. The simplest way is to check that the request originates from a trusted site, using the Origin request header. For example,
Code Block | ||
---|---|---|
| ||
Origin: https://ucuapbx_name.wildixin.com |
If a server decides that the request should be allowed, it sends the Access-Control-Allow-Origin header with the same origin that was sent. For example,
Code Block | ||
---|---|---|
| ||
Access-Control-Allow-Origin: https://ucuapbx_name.wildixin.com |
If this header is missing or the origins don’t match, then the request is not allowed. If origins match, then a browser processes the request.
...
The whitelist is configured in WMS -> Settings -> PBX -> Security -> CORS.
To configure a domain whitelist:
Enter an IP address / domain name and click + to add the value:
Supported formats of IP address / domain name:
- http://<domain or IP address> / https://<domain or IP address>
- http://<domain or IP address>:port / https://<domain or IP address>:port
Examples:
- https://ucuatestpbx.wildixin.com/
- https://ucuatestpbx.wildixin.com:4443/
- http://ucuatestpbx.wildixin.com/
It is also possible to add patterns using the asterisk symbol "*", which replaces letters, numbers and dashes:
Examples:
- https://*.wildixin.com
- *://*.wildixin.com
- https://*.*.wildixin.com
Note: An IP range can't be specified in this case. You just need to enter one IP address.
Note: Wildix Portal "https://pbx.wildix.com/" and Wildix Chrome Extension "https://chrome-extension://lobgohpoobpijgfegnlhdnppegdbomkn" are hardcoded in the whitelist; there is no need to add them.
After you enter all the values, click Save:
To delete a value from the list, click X.
Note |
---|
Note: Starting from WMS 6.04.20230803.1, whitelisting domain can also be used to allow access to files (call recordings, voicemails, faxes). |
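
The Origin check and the "*" patterns described above can be sketched as follows. This is an added example, not Wildix code: the matching rules (each "*" matches one or more letters, numbers or dashes and never a dot; entries are compared against the whole Origin value; a trailing slash on an entry is ignored) are assumptions drawn from the description on this page, and the whitelist entries and function names are constructed for illustration.

```python
import re

# Constructed sample whitelist, written in the entry formats listed on this page.
WHITELIST = [
    "https://*.wildixin.com",
    "https://pbx.example.org:4443/",
]

# Assumption: "*" stands for letters, numbers and dashes only, so it cannot span a dot.
_LABEL = "[A-Za-z0-9-]+"


def entry_to_regex(entry):
    """Compile one whitelist entry into a regex (assumed semantics, see lead-in)."""
    entry = entry.rstrip("/")  # an Origin header never carries a trailing slash
    literal_parts = (re.escape(part) for part in entry.split("*"))
    return re.compile(_LABEL.join(literal_parts), re.IGNORECASE)


def allowed_origin(origin, whitelist=WHITELIST):
    """Return the value for Access-Control-Allow-Origin, or None to omit the header."""
    if not origin:
        return None
    for entry in whitelist:
        # fullmatch anchors both ends, so a trusted name used as a prefix
        # of a longer, untrusted host name does not match.
        if entry_to_regex(entry).fullmatch(origin):
            return origin  # echo back exactly the origin that was sent
    return None


def cors_headers(request_headers, whitelist=WHITELIST):
    """Build the CORS response headers for one request."""
    origin = allowed_origin(request_headers.get("Origin"), whitelist)
    if origin is None:
        return {}  # header absent: the browser does not allow the request
    # Vary: Origin stops caches from reusing the response for another origin.
    return {"Access-Control-Allow-Origin": origin, "Vary": "Origin"}


if __name__ == "__main__":
    for sample in ["https://mypbx.wildixin.com",
                   "https://a.b.wildixin.com",
                   "https://mypbx.wildixin.com.attacker.example",
                   "http://mypbx.wildixin.com",
                   "https://pbx.example.org:4443"]:
        print(sample, "->", cors_headers({"Origin": sample}))
```

Under these assumptions a single-label pattern such as https://*.wildixin.com does not cover a two-level subdomain or a different scheme or port, which is why the page lists https://*.*.wildixin.com and *://*.wildixin.com as separate patterns.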
...
See more in documentation How to download files via different authorization types and CORS domain whitelisting