Cross-Origin Resource Sharing (CORS) rules are being strengthened to improve overall security.
This means that loading external files through GeoAnalytics Server will no longer be possible.
This change will take effect on the 8th of June.
Users running their own GeoAnalytics Server installs will not be affected until they upgrade to upcoming versions.
Map chart
When you are adding or configuring a WMS for the background layer, the WMS configuration will not load if the Via server (CORS) setting is checked. This is the only effect on the map chart.
Existing WMS will still work, however, as it does not affect the image loading.
GeoAnalytics extensions (Qlikview and Qlik Sense)
There should be no visible changes as the map rendering script will be changed to ignore that setting.
However, files loaded through GeoAnalytics Server formerly had additional CORS headers automatically set, but since they will be loaded directly it means that resources loaded from servers that have invalid CORS headers will no longer load.
Resources potentially affected for the extensions are:
- Custom symbols in the Bubble Layer
- WMS tiles in the Geodata Layer (if Load via Server is checked)
- External geo files (if Load via Server is checked)
If Load via Server is checked, try to uncheck it to see if they still load.
Commercial sites, image hosts, etc. should have the proper headers already.
More info about CORS headers
