
Info

This Admin Instruction explains how to configure a domain whitelist to protect the PBX from cross-site request forgery (CSRF) attacks.

Created: April 2018

Updated: June 2018

WMS Version: 3.88

Permalink: https://wildix.atlassian.net/wiki/x/dAvOAQ


Warning

IMPORTANT: Trusted domains must be added to a domain whitelist! Please note that any Web API / PBX API integration will stop working if the domain is not added.


Warning

If you are using firewalls, make sure the following pool of IP addresses is present in your whitelist for access to Wildix microservices:

3.122.16.10
3.122.188.91
3.122.21.65
3.122.78.100 


Introduction

The main purpose of adding domains to a whitelist is to protect the PBX from cross-site request forgery (CSRF) attacks.

...

To allow such interactions, cross-origin resource sharing (CORS) is used. CORS is a standard that allows cross-domain requests; it can be described as a set of headers that let a browser and a server communicate about which requests are and are not allowed. The simplest check is to verify that the request originates from a trusted site, using the Origin request header. For example:

Origin: https://pbx_name.wildixin.com

...

  1. Enter the IP address / domain name and click + to add the value:


    Supported formats of IP address/ domain name:

    • http://<domain or IP address> / https://<domain or IP address>
    • http://<domain or IP address>:port / https://<domain or IP address>:port

    Examples:

    • https://testpbx.wildixin.com/
    • https://testpbx.wildixin.com:4443/
    • http://testpbx.wildixin.com/ 

    It is also possible to add patterns using the asterisk symbol "*", which replaces letters, numbers and dashes.

    Examples:

    • https://*.wildixin.com
    • *://*.wildixin.com
    • https://*.*.wildixin.com


    Note

    Note: IP range can't be specified in this case. You just need to enter one IP address.


    Note

    Note: Wildix Portal "https://pbx.wildix.com/" and Wildix Chrome Extension "https://chrome-extension://lobgohpoobpijgfegnlhdnppegdbomkn" are hardcoded in the whitelist; there is no need to add them.


  2. After you enter all the values, click Save:




To delete a value from the list, click X.
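How entries in the formats listed above can be matched against the Origin request header, as an added example that is not Wildix's own code. It assumes "*" stands for one or more letters, numbers or dashes (so it never spans a dot), that a trailing "/" in an entry is ignored, that comparison is case-insensitive, and that the port must match exactly; the sample whitelist and origins are constructed.

```python
import re

# Characters the page says "*" replaces: letters, numbers and dashes.
# Assumption: at least one character is required.
WILDCARD = r"[A-Za-z0-9-]+"


def compile_entry(entry: str) -> re.Pattern:
    """Turn one whitelist entry into a regular expression."""
    # Assumption: browsers send Origin without a path, so a trailing "/"
    # in an entry (as in the page's examples) is ignored.
    entry = entry.strip().rstrip("/")
    # Escape every literal part, then expand each "*" into WILDCARD.
    # "." is escaped, so "*" can never swallow an extra subdomain level.
    literal_parts = (re.escape(part) for part in entry.split("*"))
    return re.compile(WILDCARD.join(literal_parts), re.IGNORECASE)


def origin_allowed(origin: str, whitelist: list) -> bool:
    """Return True if the Origin header value matches a whitelist entry."""
    if not origin or origin == "null":
        return False  # missing or opaque origin is never trusted
    # fullmatch anchors both ends, so "trusted.com.other.example" fails.
    return any(compile_entry(e).fullmatch(origin) for e in whitelist)


# Constructed sample whitelist using the formats shown on this page.
SAMPLE_WHITELIST = [
    "https://testpbx.wildixin.com:4443/",
    "https://*.wildixin.com",
]

# Constructed sample Origin header values.
SAMPLE_ORIGINS = [
    "https://testpbx.wildixin.com",               # one-level pattern
    "https://testpbx.wildixin.com:4443",          # exact entry with port
    "http://testpbx.wildixin.com",                # scheme not whitelisted
    "https://a.b.wildixin.com",                   # needs https://*.*.wildixin.com
    "https://testpbx.wildixin.com.example.net",   # look-alike suffix
]

if __name__ == "__main__":
    for value in SAMPLE_ORIGINS:
        verdict = "allow" if origin_allowed(value, SAMPLE_WHITELIST) else "deny"
        print(f"{verdict:5}  {value}")
```

A pattern such as `*://*.wildixin.com` also admits plain http origins, so prefer entries with an explicit https scheme where the integration allows it.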


Note

Note: Starting from WMS 6.04.20230803.1, domain whitelisting can also be used to allow access to files (call recordings, voicemails, faxes). See more in the documentation: How to download files via different authorization types and CORS domain whitelisting.




...