Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Enable CORS Wildcard subdomains with Azure Functions

Azure functions allows us to enable cors and give a specific set of urls that are allowed access. We can also enter the wildcard character (*) which allows all domains to have access to the function.

Is there a way to add an entry into the cors setting to allow all subdomains of a particular domain access to the function rather than explicitly setting each subdomain? We have tried adding an entry such as http://*.example.com to see if that would allow the subdomains to get access, but it doesn't seem to be working. We were wondering if there was any other way to accomplish this.

Suggestions are welcome and appreciated.

Thanks much in advance.

like image 931
Vikas C Avatar asked Oct 28 '22 21:10

Vikas C


1 Answers

As noted in this StackOverflow answer, CORS is all or nothing when it comes to hostnames. You must provide the explicit domain or subdomain. It's part of the overall specification and not Microsoft-specific.

Since you don't have access to the underlying server in Azure Functions, you can't use the proposed RegEx-based header for CORS.

Thus, I'd recommend that you look at using JSONP, if your function output is JSON. It can be as simple as checking for the callback query string parameter and wrapping your output in the callback function. Example in Node.js:

const addCallback = function (context, req) {
  if (req.query && req.query.callback) {
    context.res.body = callback + '(' + JSON.stringify(context.res.body) + ')'
  }
}
like image 192
arboc7 Avatar answered Nov 15 '22 05:11

arboc7