enablecors.scriptā¢951 B
// Switch to the "DEMO" namespace where the FHIR server is running
set $NAMESPACE = "DEMO"
// Define the CORS configuration name
set configName = "%CSP.CORS"
// Open the existing CORS configuration or create a new one
set corsConfig = ##class(Security.CSPConfig).%OpenId(configName)
if corsConfig = "" {
set corsConfig = ##class(Security.CSPConfig).%New()
set corsConfig.Name = configName
}
// Allow all domains (for development purposes)
set corsConfig.AllowOrigin = "*"
// Allow common HTTP methods
set corsConfig.AllowMethods = "GET,POST,PUT,DELETE,OPTIONS"
// Allow common headers needed for FHIR API interactions
set corsConfig.AllowHeaders = "Content-Type, Authorization, X-Requested-With"
// Allow credentials (e.g., for authentication)
set corsConfig.AllowCredentials = 1
// Save the configuration
do corsConfig.%Save()
// Confirm CORS settings are applied
write "CORS has been enabled for all domains in the DEMO namespace.",!