We are writing a stand alone JavaScript application that has to create Wiki pages in an IBM Connections community via the Connections API. However, the browser blocks the requests to the Connections API because Cross Origin Resource Sharing (CORS) is not configured on the connections API.
Is it possible to configure the connections API to allow requests from all our internal applications eg *.our-company.com? We're running Connections v5.0.
Yes it's possible. You simply have to configure this in the IHS! This config snippet might be useful for you:
RewriteCond %{HTTP:Origin} (.+\.<yourdomain>\.com) [NC]
RewriteRule .* - [E=acceptorigin:%1]
Header set Access-Control-Allow-Origin %{acceptorigin}e env=acceptorigin
Header set Access-Control-Allow-Credentials true env=acceptorigin
Header set Access-Control-Allow-Methods "POST, GET, HEAD" env=acceptorigin
Header set Access-Control-Max-Age 3600 env=acceptorigin
Header set Access-Control-Allow-Headers Content-Type env=acceptorigin