Cross-Origin Resource Sharing (CORS)

Most modern browsers implement the Same-Origin Policy, which restricts how a document or a script loaded from one origin can interact with a resource from another origin.

When the Enable cross-origin resource sharing property is enabled on Cloudera Data Science Workbench, web servers will include the Access-Control-Allow-Origin: * HTTP header in their HTTP responses. This gives web applications on different domains permission to access the Cloudera Data Science Workbench API through browsers.

This property is disabled by default .

When this property is disabled, web applications from different domains will not be able to programmatically communicate with the Cloudera Data Science Workbench API through browsers. In most circumstances, this property should remain disabled. If you have a website that needs to access the CDSW cluster, then enabling this property will make the cluster less secure.