The Cascade CMS Asset Audit requires a modern browser to run properly.
What is CORS?
CORS stands for Cross-Origin Resource Sharing. It’s a modern browser security mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a
different origin.
The Cascade CMS Asset Audit is a web application running on your Cascade CMS server (it’s origin) and when the report attempts to check if an asset is publicly available online, it needs to access resources from a different origin. Even subdomains are considered
different origins.
The best solution would require your server admin to allow CORS to your Cascade CMS server but that may not always be possible.
Other possible solutions include using a proxy and/or a browser extension.
A proxy acts as a middleman and processes the request. You can set up your own proxy or use a 3rd party proxy. 3rd party proxies can be unreliable and pose a security risk depending on the data you are passing to them.
A browser extension changes the headers your browser sends when requesting a resource which allows CORS. For example, CORS Unblock is a simple to use extension
that is available for Chrome, Firefox and Edge. Browser extensions can pose their own risk, you should research your own and use the extension you’re most comfortable with.
