[asterisk-dev] Coming changes to ari.conf
David M. Lee
dlee at digium.com
Thu Jul 11 09:39:04 CDT 2013
For anyone playing around with ARI, there's a couple of changes coming up soon that will affect your ari.conf file.
First, I am about to change the user config to be more consistent with the Asterisk way of configuring sections. Now, instead of:
[user-admin]
password = peekaboo
A user section will be:
[admin]
type = user
password = peekaboo ; not a recommended password
Another change coming soon is Cross-Origin Resource Sharing configuration. If you'd like to learn more about CORS, or have trouble sleeping at night, you can read the spec[1]. It's a protocol that lets you get around the same origin policy in browsers. So far, we've defaulted to allowing all origins. In the next day or two, the default will change to allow no origins. This is configured in the [general] section of ari.conf. Use '*' to allow all origins (not recommended for production).
[general]
allowed_origins = * ; not at all secure, but it works
[1]: http://www.w3.org/TR/cors/
--
David M. Lee
Digium, Inc. | Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: www.digium.com & www.asterisk.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130711/83e0fd85/attachment.htm>
More information about the asterisk-dev
mailing list