What is Cross-Origin Resource Sharing (CORS)?

Cross-Origin Resource Sharing(CORS) is a protocol that works with HTTP and allows APIs to be accessed from different origins than the one from which the browser is loading resources.

For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. This is known as the same-origin policy. Normally, a web application can only request resources from the same origin it was loaded from. CORS allows servers to permit or deny requests based on the origin, and it enables applications to access the resources from the API requests. Learn more

This feature enables customers to verify that end users initiate Webchat conversations from specific websites, which can help prevent spam.

CORS is a mechanism that only affects requests made from browsers. Non-browser applications are not impacted by CORS.

How to configure CORS Headers?

To configure CORS Headers, follow these steps:

  1. Create a list of the websites where you want to add the Webchat widget.

  2. Contact Tech support via email and request them to enable CORS Headers for HSAPI and WebSDK.

  3. Once the headers are enabled, verify that Webchat is working properly.

    Note: Make sure to include all the websites in the list; otherwise, users won't be able to use Webchat on those websites.