We understand that many schools operate in stricter security environments than the general public. Therefore, we are providing these details to help ensure the system runs smoothly such that password resets, email changes, and content downloads are all received as intended. These items can be checked at the time of initial setup, or should issues occur down the road.
HTTPS hosts to allow (port 443 inbound):
SMTP inbound FROM addresses (for spam/policy whitelist):
support@ljcreatelms.com
admin@ljcreatelms.com
HTTP inbound response headers to permit (security/cross-domain):
Allow-Access-Control-Origin
Strict-Transport-Security
Referrer-Policy
Content-Security-Policy X-Content-Type-Options (MSIE only “nosniff”)
X-Frame-Options
HTTP inbound response MIME content types to accept:
text/html
text/css
image/png
image/gif
image/x-icon (favicon.ico)
application/javascript
application/json
application/font-woff
application/x-shockwave-flash application/sla (3D Systems stereolithography template file)
Client browser cookies:
1st-party session (required)
Persistent (optional, for remembered log-in only)
3rd-party session (optional, for out-of-date browser warning)