FAQ about domain name change for the sharing page

Updated at:
Copy as MD

This topic outlines the solution for the DataV-Board dashboard sharing link domain name transition from datav.aliyuncs.com to b.datav.run, which may lead to malfunctions.

Background information

To enhance the dashboard sharing feature, DataV-Board will update the sharing page domain name from datav.aliyuncs.com to b.datav.run effective November 20, 2024.

Following the domain name update, certain scenarios may be subject to cross-origin access limitations, rendering the new domain name unreachable. Refer to this topic for troubleshooting guidance as needed:

Widgets using API as data source

Widgets that utilize API as a data source might experience blocked cross-origin requests due to the domain name change. Troubleshoot by checking the Need Cookie option in the data source configuration for the widget:

Note
  • If the Need cookie option is selected, it indicates that the API call bypasses a proxy and requires cookie information for authentication or state maintenance.

  • This topic uses a line chart as an example for data source configuration. The process for other widgets is analogous.

image

  • If the Need Cookie option is not selected: Verify that the request's response headers response headers include Access-Control-Allow-Origin: *, which permits the browser to access the resource from any origin, enabling cross-origin resource sharing (CORS).

  • If the Need Cookie option is selected: Dynamically return the response headers response headers that allow cross-origin requests, based on the request field request.headers.referer. Below is an example code snippet.

    Current page address

    Request field request.headers.referer

    Response headers that meet the requirements

    Editor page:

    https://datav.aliyun.com/v/editor/216787
    https://datav.aliyun.com/admin/screen/216787
    Access-Control-Allow-Origin: https://datav.aliyun.com

    Sharing page (before domain name change):

    https://datav.aliyuncs.com/share/xxx
    https://datav.aliyuncs.com/share/xxx
    Access-Control-Allow-Origin: https://datav.aliyuncs.com

    Sharing page (after domain name change):

    https://b.datav.run/share/xxx
    https://b.datav.run/share/xxx
    Access-Control-Allow-Origin: https://b.datav.run

Widgets using DataV Proxy Service as data source

Widgets that leverage the DataV Proxy Service as a data source might face blocked cross-origin requests due to the domain name update. The following steps can help resolve the issue:

  • If the DataV Proxy Service lacks configured cross-origin origins (i.e., the configuration is empty), no modifications are necessary.

    Note

    Cross-origin origin refers to the practice of making network requests across different domain names, protocols, or ports to facilitate resource sharing.

  • If cross-origin origins are specified in the DataV Proxy Service, include the following two addresses in the relevant configuration:

    • http://b.datav.run

    • https://b.datav.run

    DataV Proxy Service

    Old cross-origin origins configuration

    New cross-origin origins configuration

    Cross-origin origins not configured

    None

    None

    Cross-origin origins configured

    https://datav.aliyuncs.com
    http://datav.aliyuncs.com
    https://datav.aliyun.com
    http://datav.aliyun.com
    https://datav.aliyuncs.com
    http://datav.aliyuncs.com
    https://datav.aliyun.com
    http://datav.aliyun.com
    https://b.datav.run
    http://b.datav.run

Using carousel pages or iframe widgets

The use of carousel pages or iframe widgets may lead to cross-origin restrictions, preventing access to the page under the new domain b.datav.run and causing issues with loading the inner content.

Note

This topic provides guidance using iframe widgets as an example for troubleshooting. The approach for carousel pages is similar.

If the iframe page content fails to load correctly after accessing the new sharing link, it suggests that the page includes an X-Frame-Options restriction in the response header. The iframe page address entered does not support being accessed under b.datav.run.

Please delete the X-Frame-Options field in the response header or modify the content of the X-Frame-Options field to increase cross-origin support. The following code provides an example.

Note

The X-Frame-Options field is designed to protect web pages from certain types of attacks and bolster web security. X-Frame-Options can be set to the following values:

  • X-Frame-Options: DENY, which prohibits any website from embedding the page in an iframe.

  • X-Frame-Options: SAMEORIGIN, which allows only the same-origin website to embed the page in an iframe.

  • X-Frame-Options: ALLOW-FROM URL, which permits a specified origin (URI) to embed the page in an iframe.

Current page address

request.headers.referer

Response headers that meet the requirements

Editor page:

https://datav.aliyun.com/v/editor/216787
https://datav.aliyun.com/v/editor/216787
X-Frame-Options: ALLOW-FROM https://datav.aliyun.com

Sharing page (before domain name change):

https://datav.aliyuncs.com/share/xxx
https://datav.aliyuncs.com/share/xxx
X-Frame-Options: ALLOW-FROM https://datav.aliyuncs.com

Sharing page (after domain name change):

https://b.datav.run/share/xxx
https://b.datav.run/share/xxx
X-Frame-Options: ALLOW-FROM https://b.datav.run