[英]How to make Azure API Management (API Gateway) CORS policy dynamic?
I want to add domains(Origins) in allowed-origins section dynamically in Azure API gateway. 我想在Azure API网关中动态地在allowed-origins部分添加域(起源)。 Is it possible ?
可能吗 ? Or is there another way we can setup the CORS, so that we can allow origins dynamically.
或者我们可以设置CORS的另一种方式,以便我们可以动态地允许原点。
<cors>
<allowed-origins>
<origin>http://www.example.com</origin>
</allowed-origins>
<allowed-methods>
<method>GET</method>
<method>POST</method>
</allowed-methods>
</cors>
You can't dynamically add elements to policy configuration, but you can dynamically provide values for them ( https://docs.microsoft.com/en-us/azure/api-management/api-management-policy-expressions ): 您无法动态添加元素到策略配置,但您可以为它们动态提供值( https://docs.microsoft.com/en-us/azure/api-management/api-management-policy-expressions ):
<cors>
<allowed-origins>
<origin>@(context.Request.Url.ToUri().GetLeftPart(UriPartial.Authority))</origin>
</allowed-origins>
<allowed-methods>
<method>GET</method>
<method>POST</method>
</allowed-methods>
</cors>
I found one way that I'm mentioning bellow. 我发现了一种我提到的方式。
<inbound>
<base />
<send-request mode="new" response-variable-name="variable" timeout="600" ignore-error="true">
<set-url>@("http://MyDomain/ApiMethod?Origin="(string)context.Request.Headers["Origin"].Last())</set-url>
<set-method>GET</set-method>
<set-body />
</send-request>
<cors>
<allowed-origins>
<origin>@((string)((IResponse)context.Variables["variable"]).Body.As<JObject>(true)["Origin"])</origin>
</allowed-origins>
<allowed-methods>
<method>GET</method>
<method>POST</method>
</allowed-methods>
</cors>
</inbound
<origin></origin>
<origin></origin>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.