More specific ACAO

diff --git a/etc/apache2/spclient-live b/etc/apache2/spclient-live
index 0d5a5c3..2d5eebf 100644 (file)
--- a/etc/apache2/spclient-live
+++ b/etc/apache2/spclient-live
@@ -16,8 +16,7 @@
     RewriteLog /var/log/apache2/mkws-rewrite.log 
     RewriteRule /service-proxy-auth /service-proxy/?command=auth&action=login&username=guest&password=guest [P] # [NE,P]
 
-    ### Way too general: should limit by requested URL and origin
-    Header set Access-Control-Allow-Origin "*"
+    Header set Access-Control-Allow-Origin "http://somesite.indexdata.com"
 
     # For MKC Service Proxy
     ProxyPass        /service-proxy/ http://mkc.indexdata.com:9009/service-proxy/