N
Novu•4w ago
Prateek Sharma

Define origins in access-control-allow-origin header for in-app notifications

Hello, We have a react frontend and we are using the Novu notification plugin and initializing using the url: https://api.novu.co/v1/widgets/session/initialize with applicationIdentifier. In the response header, we are getting access-control-allow-origin: *. Is there a way we can update it to a specific set of origins in the Novu manage platform ?
6 Replies
Ask Inkeep
Ask Inkeep•4w ago
Hi @Prateek Sharma, I'm an AI assistant for Novu. While a team member reviews this question, I'll see if I can find relevant sources for your question. ----------------------------- While I generate an answer, here are some sources that might be helpful: * Vue * Object Storage (S3, Blob, GCS) * How to Add Digest to In-App Notifications * API Reference ----------------------------- Answer Sorry, I wasn't able to find any information about your question. Please click on the "Ask for help" button to tag a team member to review your question. Got it. Tagging @Support for additional help.
Pawan Jain
Pawan Jain•3w ago
@Prateek Sharma Would you like to share your usecase with this request?
Prateek Sharma
Prateek Sharma•3w ago
Hello Pawan. We are currently getting VAPT done for our SOC2 certification. In the findings, we were shared a finding that the response header for access origin returns * on calling api.novu.co from out frontend. This is the remediation we were shared: The cross-domain policy published in this application allows access from any i.e. it appears to be overly permissive.Review the domains that are allowed by the cross-domain policy and determine whether it is appropriate for the application to trust the domains and their contents
Pawan Jain
Pawan Jain•3w ago
@Prateek Sharma Thanks for sharing. Sharing with team to take a look 🙂 @Dima Grossman can you please take a look at this?
Prateek Sharma
Prateek Sharma•2w ago
Hello @Pawan Jain @Dima Grossman . Is there any update on this ? Thank you!
Pawan Jain
Pawan Jain•2w ago
@Prateek Sharma I shared your requirements with team Currently we don't support this feature. We are working on notification center restructuring. we have added this into our backlog and will take a look after initial launch after restructuring
Want results from more Discord servers?
Add your server
More Posts
I have an issue where the translation file is not applied to the template while other ones work fineI hitting rock a translation file, it is just not displaying the translations only the key names, I The website crashes when I do .length while writing a custom email templateHey, I was using Novu's digest feature to send emails. I can do `step.events.length` which gives How do I add avatar URLs or images in an in-app notification?Is there any documentation for this? Here is the one, I could find but it's incomplete: https://docsIn App notification expireDid novu support to mark app notification expire based on some conditions like if notification is nSelf Hosting: Problems with Nginx reverse proxyI've read two previous posts on this however I can't get reverse proxying working for novu. I am ushow can i check my socket url is set correctlyIs there any doc related to how to set socket url for novu? I facing some issues while try to connecOverride Apns in FCMFrom the docs stated in the below link , the overrides field supports apns. but when i tried to useEvents to invalid receiver emailHi! I was implementing some new emails and couldn't figure out an issue - some mails were not showinContent types supported?Hi, our organization recently signed up for a trial account. Our engineers are looking into the workMulti Tenancy Notification System for companiesHi , I had some questions about novu. I want to use it in my notification service which I will deplo