Configuration File Settings for Spotfire Web Player
These tables provide information about the configuration files for Spotfire Web Player and its interactions with Spotfire Server and Spotfire Automation Services using APIs.
Setting | Default value | Description |
---|---|---|
/javascriptApi -<javaScriptApi
enabled="true" domain="domain1.com,domain2.com">
|
JavaScript API enabled, all domains allowed | Controls whether the use of the JavaScript API is enabled or not enabled, and from which domains it is possible to use the JavaScript API. A non-empty domain whitelist indicates that only listed domains are able to embed Spotfire files in their web site using the JavaScript API. The list is a comma-separated list of domain names. |
/analysis/inactivityTimeout | 2 hours | Timeout for inactive analyses. A
Spotfire
file is closed after the
inactivityTimeout is reached. In practice, a
session timeout is not shorter than the
inactivityTimeout value because an open analysis
file in a web browser continuously renews the session, so the session timeout
is not met. Only after the session has no open files left, and the user session
is not actively connected to
Spotfire Server,
the session timeout starts counting. This design ensures that every HTTP
request renews the session.
|
Setting | Default value | Description |
---|---|---|
/cryptography@encryptConfigurationSections | true
|
Set to
true to encrypt sections of configuration files
containing sensitive information.
|
/cryptography@DataProtectionConfigurationProvider |
DataProtectionConfigurationProvider
|
On Windows: By default the
DataProtectionConfigurationProvider uses Windows
Data Protection API (DPAPI) to encrypt sections of the configuration with a
machine-specific secret key which means that the encrypted sections can only be
decrypted from the same machine as the service is running on. See
Encrypting Configuration Information Using Protected
Configuration for more information.
On Linux: Our own provider is used. |
Setting | Default value | Description |
---|---|---|
/Spotfire.Dxp.Internal.Properties.Settings/AllowedTlsVersions |
Tls, Tls11, Tls12
|
Determines which versions of the TLS security
protocol are allowed. Specify the values separated by a comma ",". For
information about the possible values for this setting, refer to the .NET enum
SecurityProtocolType .
If you leave the value for this setting blank, the allowed TLS
versions are set to
|
/Spotfire.Dxp.Data.Properties.Settings/AllowedFilePaths | Empty | A list of directories that
Spotfire Web Player
or
Spotfire Automation Services
are allowed to use as file data sources. Add only approved network shares or
other paths that contain files that should be possible to load in a
Spotfire
file. For security reasons, you should not add entire drive letters such as C:\
because that would allow
Spotfire
users to read local files from the
Spotfire Web Player
service.
Note: The names are checked in a case-insensitive manner.
|
/system.net/defaultProxy | On Windows: If the Spotfire Web Player or Spotfire Automation Services should use a proxy server to reach internal and external networks, one can be enabled in this file. |
Parent topic: Spotfire Web Player