Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Mashup does not load with dynamic domains



Operators in a third-party system experience Cross Origin Resource Sharing (CORS) warnings in the console when accessing the Pega application on the Chrome browser.

Error Messages

Not Applicable

Steps to Reproduce

Not Applicable

Root Cause

The client used a Mashup that was used in dynamic domains. The Mashup Security section in the application record on the Security and Integration tab did not allow for wild cards, https://*

The client did not want to define all the sub domains in this record where the Mashup would be displayed, because the list would get large.


The top-level application will know the sub-domain in which the page is displayed.
  1. Add a parameter to the Mashup to specify the domain.
  2. At runtime as part of post authentication, modify the Application.pyMashupHostDomainList which is a Data-PWMashup page group.
For example:

data-pega-action-param-parameters="{UserIdentifier:'<user>',isWebMashup:'true', acceptDomain:’east’}"

The application record specifies https://* 
  1. Take the acceptDomain parameter in custom configuration, such as in the ApplicationProfileSetup activity or before the page displays and dynamically modify the Application.pyMashupHostDomainList(1).
  2. Replace the '*' with the value of acceptDomain which results in: 
Perform this before any HTTP response with the Harness data is returned to the client.

Published August 15, 2019 - Updated December 2, 2021

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us