Hi,
It is ok if I set “Access-Control-Allow-Origin” for 1 domain
But I do not know how to set it for multi domains
Could I set “Access-Control-Allow-Origin” for multi domains?
Hi,
It is ok if I set “Access-Control-Allow-Origin” for 1 domain
But I do not know how to set it for multi domains
Could I set “Access-Control-Allow-Origin” for multi domains?
According to the link below, that does not seem to be possible.
Access-Control-Allow-Origin
specifies either a single origin which tells browsers to allow that origin to access the resource; or else — for requests without credentials — the “*
” wildcard tells browsers to allow any origin to access the resource.
*
is not safe for security. But I do not find any better way.
I 'd like to use CORS with more clearly variables.
Could you have better structure for domain01
and domain 02
?
It is sadly only one specific domain or all domains. Nothing else is possible. Once the PR with the Webhook Response-Node got merged, you could do it dynamically. Check it against a fixed list of valid domains and if the request comes from a valid one you can set and return it accordingly.
The only other way I can currently think of how you could make it work right now is with one Webhook-Node per domain. So then each domain would have to use a different URL.