FAQ about domain name change for the sharing page
This topic outlines the solution for the DataV-Board dashboard sharing link domain name transition from datav.aliyuncs.com to b.datav.run, which may lead to malfunctions.
Background information
To enhance the dashboard sharing feature, DataV-Board will update the sharing page domain name from datav.aliyuncs.com to b.datav.run effective November 20, 2024.
Following the domain name update, certain scenarios may be subject to cross-origin access limitations, rendering the new domain name unreachable. Refer to this topic for troubleshooting guidance as needed:
Widgets using API as data source
Widgets that utilize API as a data source might experience blocked cross-origin requests due to the domain name change. Troubleshoot by checking the Need Cookie option in the data source configuration for the widget:
If the Need cookie option is selected, it indicates that the API call bypasses a proxy and requires cookie information for authentication or state maintenance.
This topic uses a line chart as an example for data source configuration. The process for other widgets is analogous.

If the Need Cookie option is not selected: Verify that the request's response headers
response headersincludeAccess-Control-Allow-Origin: *, which permits the browser to access the resource from any origin, enabling cross-origin resource sharing (CORS).If the Need Cookie option is selected: Dynamically return the response headers
response headersthat allow cross-origin requests, based on the request fieldrequest.headers.referer. Below is an example code snippet.Current page address
Request field request.headers.referer
Response headers that meet the requirements
Editor page:
https://datav.aliyun.com/v/editor/216787https://datav.aliyun.com/admin/screen/216787Access-Control-Allow-Origin: https://datav.aliyun.comSharing page (before domain name change):
https://datav.aliyuncs.com/share/xxxhttps://datav.aliyuncs.com/share/xxxAccess-Control-Allow-Origin: https://datav.aliyuncs.comSharing page (after domain name change):
https://b.datav.run/share/xxxhttps://b.datav.run/share/xxxAccess-Control-Allow-Origin: https://b.datav.run
Widgets using DataV Proxy Service as data source
Widgets that leverage the DataV Proxy Service as a data source might face blocked cross-origin requests due to the domain name update. The following steps can help resolve the issue:
If the DataV Proxy Service lacks configured cross-origin origins (i.e., the configuration is empty), no modifications are necessary.
NoteCross-origin origin refers to the practice of making network requests across different domain names, protocols, or ports to facilitate resource sharing.
If cross-origin origins are specified in the DataV Proxy Service, include the following two addresses in the relevant configuration:
http://b.datav.runhttps://b.datav.run
DataV Proxy Service
Old cross-origin origins configuration
New cross-origin origins configuration
Cross-origin origins not configured
None
None
Cross-origin origins configured
https://datav.aliyuncs.com http://datav.aliyuncs.com https://datav.aliyun.com http://datav.aliyun.comhttps://datav.aliyuncs.com http://datav.aliyuncs.com https://datav.aliyun.com http://datav.aliyun.com https://b.datav.run http://b.datav.run
Using carousel pages or iframe widgets
The use of carousel pages or iframe widgets may lead to cross-origin restrictions, preventing access to the page under the new domain b.datav.run and causing issues with loading the inner content.
This topic provides guidance using iframe widgets as an example for troubleshooting. The approach for carousel pages is similar.
If the iframe page content fails to load correctly after accessing the new sharing link, it suggests that the page includes an X-Frame-Options restriction in the response header. The iframe page address entered does not support being accessed under b.datav.run.
Please delete the X-Frame-Options field in the response header or modify the content of the X-Frame-Options field to increase cross-origin support. The following code provides an example.
The X-Frame-Options field is designed to protect web pages from certain types of attacks and bolster web security. X-Frame-Options can be set to the following values:
X-Frame-Options: DENY, which prohibits any website from embedding the page in an iframe.
X-Frame-Options: SAMEORIGIN, which allows only the same-origin website to embed the page in an iframe.
X-Frame-Options: ALLOW-FROM URL, which permits a specified origin (URI) to embed the page in an iframe.
Current page address | request.headers.referer | Response headers that meet the requirements |
Editor page: | | |
Sharing page (before domain name change): | | |
Sharing page (after domain name change): | | |