Hi,
It is ok if I set “Access-Control-Allow-Origin” for 1 domain
But I do not know how to set it for multi domains
Could I set “Access-Control-Allow-Origin” for multi domains?
According to the link below, that does not seem to be possible.
Access-Control-Allow-Originspecifies either a single origin which tells browsers to allow that origin to access the resource; or else — for requests without credentials — the “*” wildcard tells browsers to allow any origin to access the resource.
* is not safe for security. But I do not find any better way.
I 'd like to use CORS with more clearly variables.
Could you have better structure for domain01 and domain 02?
It is sadly only one specific domain or all domains. Nothing else is possible. Once the PR with the Webhook Response-Node got merged, you could do it dynamically. Check it against a fixed list of valid domains and if the request comes from a valid one you can set and return it accordingly.
The only other way I can currently think of how you could make it work right now is with one Webhook-Node per domain. So then each domain would have to use a different URL.
2 Likes