A web site contains resources: images, style sheets, scripts, iframes and videos. Requests originating in this web site use these resources to display content. To prevent malicious attacks, web browsers enforce SOSP (Same-Origin Security Policy). This policy ensures that only approved local resources display in the browser and forbids a resource on a different web site from manipulating resources on the site that is already displaying valid content. This security is important. SOSP ensures that a malicious web site cannot invade a company’s web site with malicious content or delete and change valid web site content.

Some applications that involve multiple web sites legitimately need to share resources. CORS (Cross-Origin Resource Sharing) enables a web site to securely access resources on another web site that would otherwise be restricted.

In a Niagara installation, a video camera contains video resources: live video, generated alarms when motion is detected and video recordings. To securely transfer these resources from the camera for viewing in the web UI of a Niagara station, CORS is required.

The XProtect Mobile Server provides this CORS security for your Milestone network. The server works with both the nmilestone and xprotect drivers, and supports any camera connected to an XProtect or Milestone NVR.

You configure the XProtect Mobile Server using Workbench.