This article will address the following:
-
Whitelist of Domains Overview
-
Domain Lists
-
Developer Notes
Whitelist of Domains Overview
Summary: A Whitelist of domains is essentially a list of pre-approved programs that are safe and/or necessary for product within LiveTiles to function properly. In our case, we need specific libraries to either pull data or style our sites the way they should.
-
For instance, for the Calendar Tile to work in V4, it requires numerous plug-ins which are located in cdnjs.cloudflare.com.
-
Page Designer relies on content distribution networks for product assets, performance monitoring and core product functionality.
Domain Lists
Below is a list of all domains that need to be Whitelisted or allowed for Page Designer to work:
V5:
-
cdn.livetiles.io
-
cdnjs.cloudflare.com // only for bluebird.core.min.js by oauth token handler
V4:
-
ltcdn.blob.core.windows.net // might be found in image urls from saved tiles
-
code.jquery.com
-
maxcdn.bootstrapcdn.com
-
cdn.ckeditor.com
-
cdn.datatables.net
-
ltd.azureedge.net // might be found in image urls from saved tiles
-
unpkg.com // for monaco editor (custom code editor)
-
cdnjs.cloudflare.com
The following domains are also used for Social Networking Tiles:
-
platform.twitter.com
-
connect.facebook.net
-
c64.assets-yammer.com
-
s0.assets-yammer.com
The following are Page Designer for Azure-specific:
-
westus.livetiles.cloud is the domain for the connection to the enterprise environment.
-
us.livetiles.io is the domain for the connection to the teams environment.
-
tokens.livetiles.io is the service that handles authenticating the tiles against O365/Azure AD
-
login.microsoftonline.com is the service that actually does the login against Azure AD
The following are additional domains for various purposes (Tiles and more):
-
widget.intercom.io // for intercom
-
api.giphy.com // for Giphy tile
-
api.powerbi.com // for Power Bi tile
-
lt-exprss.azurewebsites.net // for RSS tile
-
soundcloud.com // for SoundCloud tile
-
api.soundcloud.com
-
w.soundcloud.com
Developer Notes (Only Applies to V4)
-
Most of the domains above that are CDNs for hosting JavaScript files should have a fallback URL at ltd.azureedge.net, so many of the ones above are optional. This means if the requests fails, it will fail back to the file hosted on our CDN at ltd.azureedge.net.
Comments
0 comments
Article is closed for comments.