Jump to content
Welcome to our new Citrix community!

Netscaler / ADC 13 CORS

Recommended Posts

Hi all -


This is probably a remedial question, but my ADC-fu is weaksauce. :)


I am working on an integration between Okta and a resource behind ADC, and need to defeat the "strict-origin-when-cross-origin" header for two domains.


I think I understand the gist of the process, but not the specifics and examples I've found around the web have varying specifics and have left me confused.


Can someone help me with the policy to enable two domains (okta.com and, for testing, oktapreview.com) to allow POST to Netscaler?


Perhaps an important detail I found during my search is this nugget:


"Starting from version 85 the default referrer policy in Chrome has been changed to "strict-origin-when-cross-origin". This change will only send the origin in referrer value rather than full URL."


It's 100% ok if the requirement for this policy to work is Chrome >85 - I can enforce that.


Thanks to anyone who can offer assistance!



Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...