Table Of Contents

Configure a LabVIEW Web Service CORS for Filtered Access

Last Modified: November 16, 2020

Configure CORS to allow specific origins you define or well-known origins access to your WebVI resources.


The following content only applies to LabVIEW Web Services deployed to the LabVIEW Application Web Server. NI recommends deploying LabVIEW Web Services to the NI Web Server instead.

What to Use

You can find the Web Services API on the Connectivity palette in LabVIEW.

LabVIEW NXG does not support creating web services.

  • LabVIEW Web Service Request
  • Read Request Variable
  • Set HTTP Header

What to Do

Create the following diagram in a Web Resources VI to configure a LabVIEW Web Service to allow CORS with specific or well-known origins.

Customize the gray sections for your unique programming goals.

A new Web Resources VI automatically adds the LabVIEW Web Service Request class to the block diagram and terminal pane.

Read Request Variable checks the request for the variable you define.

To check the origin of the request, enter Origin for the value of variable.

Use a Case Structure to create two cases: a case to continue if an origin is found in the request and a case to do nothing if an origin is not found in the request.


Web browsers in a same-origin configuration and HTTP clients outside of web browsers may not have an Origin header in the request. These should be handled by the web resource.

Define how to filter the origins you want to access your web resources. Some common implementations include the following:
  • Have a strict list of origins to check against
  • Check for a prefix on the origin, such as http://localhost
  • Use the LabVIEW Web Service Request and Read Request Variable to check for additional information, such as Remote Address

Use a Case Structure to create two cases: a case to continue if the origin passes the filter you implement and a case to do nothing if the origin does not pass the filter.

Set HTTP Header sets the HTTP header value in response to a request.

Use the header Access-Control-Allow-Origin to indicate if the origin making the request can access the response of your Web Service VI.

The header value populates with the origin the filter approves.


If you encounter errors, try the following troubleshooting strategies:
  • Check the implementation of your filter for errors.
  • Verify the header is correct.

Recently Viewed Topics