[en] If your writers use a web application like Google Docs, it might be necessary to enable Cross-Origin Resource Sharing (CORS). You enable CORS so that your Acrolinx Platform and the web application server can share resources. If you're a Standard Stack user, you can do this by adding a property to your configuration file.
[en] If you're using Standard Stack for the first time, the built-in default CORS settings are active if you don't add your own settings to the overlay. These built-in settings let you connect to the following integrations: Firefox, Chrome, Microsoft Office, and XMetaL.
[en] To enable CORS on your Acrolinx Platform, follow these steps:
[en] Open the core server properties file.
[en] Add the following property:
[en] For example, if you host your web application at the address https://demo-inc.com, you would enter the property as follows:
[en] Some applications require specific values. Below is a list of specific examples that depend on the application you're using:
[en] CORS Property
[en] Allow access from Acrolinx for Chrome. The ID belongs to the Acrolinx extension in Chrome and shouldn't change.
[en] Allow access from Acrolinx for Figma.
[en] Allow access from any Firefox extension. Because of a limitation in Firefox that adds a unique ID to each user instance, we can't set it to only allow the Acrolinx extension.
[en] Google Docs and Google Sheets
[en] Check your CORS Origin in the About tab of your Sidebar.
[en] If you can't access the Sidebar, you can allow access from any Google extension by using:
[en] Microsoft Edge
[en] If you use Microsoft Edge based on Chromium (version 80 or later), add the following CORS value:
[en] Microsoft Edge based on Chromium (80 or later)
[en] Allow access from Acrolinx for Microsoft Edge. The ID belongs to the Acrolinx extension in Microsoft Edge and shouldn't change.
[en] Microsoft Edge based on Chromium requires Acrolinx for Microsoft Edge 1.4 or later.
[en] If you use a non-Chromium-based version of Microsoft Edge (version 44 or earlier), add the following CORS value:
[en] Non-Chromium-based Microsoft Edge (44 or earlier)
[en] Allow access from any Microsoft Edge extension. Because of a limitation in Microsoft Edge that adds a unique ID to each user instance, we can't set it to only allow the Acrolinx extension.
[en] Microsoft Office*
[en] Acrolinx for Office on Windows version 1.6 and later
[en] Acrolinx for Office on Windows version 1.5.x and earlier
[en] Allow access from Microsoft Office.
[en] Microsoft 365 Word
[en] Allow access from Microsoft 365.
[en] Visual Studio Code
[en] Setting CORS is only necessary if you use Acrolinx for Visual Studio Code version 1.1 or above.
[en] The CORS value for Visual Studio Code depends on your version of Visual Studio Code.
[en] Visual Studio Code versions 1.47 and above
[en] Visual Studio Code versions 1.46 and below
<APPLICATION_SERVER_ADDRESS>with the address where you host your WordPress instance. For example, if you host WordPress at https://demo-inc.com, you would enter the property as follows:
[en] Allow access from your local file system. Even though XMetaL isn't a web application, it uses Internet Explorer to load the Sidebar.
[en] Custom or third-party integrations
[en] Open the Sidebar in your custom integration.
[en] Navigate to About.
[en] Copy the CORS Origin link.
[en] Add the link to the
[en] *Included in the built-in default settings for Standard Stack instances.
[en] If you'd like to add multiple origins, you can add all of them to one CORS property and separate them with a comma. Here's an example of how to add multiple origins to allow Firefox and Chrome at the same time:
[en] If you're still having trouble signing in to Acrolinx from the Sidebar, try enabling CORS from any source. To do this, add the property as follows:
[en] We recommend that you only use this setting for temporary testing. Allowing CORS from any source could make your server vulnerable to malicious activity.
[en] Save your changes and restart the Acrolinx Platform.
[en] If you want to limit access to your API endpoints, you can disable all of your CORS settings. To do so, set the property
cors.allowedOrigins= to no value in your
coreserver.properties file. For example:
[en] Be sure to specify a value for
cors.allowedOrigins=. If you leave this blank, Acrolinx will apply the built-in CORS settings by default.