cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
699
Views
5
Helpful
6
Replies

Cisco Switch SG350 - CORS header

calexfiel
Level 1
Level 1

The web server service running on this switch appears to create it's Access-Control-Allow-Origin response header based on the user-supplied Origin value. I am needing to  include the “Vary: Origin” header to prevent caching. The header indicates that the response is in some way dependent on the origin and should therefore not be served from cache for any other origin. 

Someone can help to fix it? 

1 Accepted Solution

Accepted Solutions

marce1000
VIP
VIP

 

   - These parameters can not be changed on those devices , let alone on other cisco switches.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

View solution in original post

6 Replies 6

marce1000
VIP
VIP

 

   - These parameters can not be changed on those devices , let alone on other cisco switches.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Thank you for your help.

Hi Marce, sorry for bother you, I have another question;

Based on result penetration test I have to disable all SSL export grade ciphers, to prevent 'SSL FREAK' (Factoring Attack on RSA-EXPORT Keys). Is it the same concept, or that is possible to set up in the Control Panel? 

 

   - The only thing that you can do to mitigate such attacks is to use the latest firmware and then run the penetration test again (e.g.)

 M,



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Hello,

just out of curiosity, what is the 'Vary' value in the response header that you captured ? Is it a wildcard ('*') ?

Vary: Origin` will cause the user agent to fetch a response that includes `Access-Control-Allow-Origin`, rather than using the cached response from the previous non-CORS request that lacks `Access-Control-Allow-Origin`. So yes, should be a wildcard. I am not network professional.

Thank you so much again for your help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: