CORS

To configure CORS, or cross-origin resource sharing, the following dependency must be installed:

  1. pip install apache-superset[cors]

The following keys in superset_config.py can be specified to configure CORS:

  • ENABLE_CORS: Must be set to True in order to enable CORS
  • CORS_OPTIONS: options passed to Flask-CORS (documentation)

Domain Sharding

Chrome allows up to 6 open connections per domain at a time. When there are more than 6 slices in dashboard, a lot of time fetch requests are queued up and wait for next available socket. PR 5039 adds domain sharding to Superset, and this feature will be enabled by configuration only (by default Superset doesn’t allow cross-domain request).

Add the following setting in your superset_config.py file:

  • SUPERSET_WEBSERVER_DOMAINS: list of allowed hostnames for domain sharding feature.

Please create your domain shards as subdomains of your main domain for authorization to work properly on new domains. For Example:

  • SUPERSET_WEBSERVER_DOMAINS=['superset-1.mydomain.com','superset-2.mydomain.com','superset-3.mydomain.com','superset-4.mydomain.com']

or add the following setting in your superset_config.py file if domain shards are not subdomains of main domain.

  • SESSION_COOKIE_DOMAIN = '.mydomain.com'

Middleware

Superset allows you to add your own middleware. To add your own middleware, update the ADDITIONAL_MIDDLEWARE key in your superset_config.py. ADDITIONAL_MIDDLEWARE should be a list of your additional middleware classes.

For example, to use AUTH_REMOTE_USER from behind a proxy server like nginx, you have to add a simple middleware class to add the value of HTTP_X_PROXY_REMOTE_USER (or any other custom header from the proxy) to Gunicorn’s REMOTE_USER environment variable: