IIS CORS multiple domain

Question

How enable multiple domains for Access-Control-Allow-Origin? I have one application (ASP .NET MVC) binded to example.com and www.example.com

Next code not valid.

<httpProtocol>
  <customHeaders>
    <add name="Access-Control-Allow-Origin" value="http://example.com,http://www.example.com" />
    <add name="Access-Control-Allow-Methods" value="*" />
    <add name="Access-Control-Allow-Credentials" value="true" />
  </customHeaders>

Valid or http://example.com or http://example.com

I need both

Possible duplicate of [Access-control-allow-origin with multiple domains](http://stackoverflow.com/questions/17323350/access-control-allow-origin-with-multiple-domains) — Steven V, Mar 24 '17 at 13:22

score -1 · Answer 1 · answered Apr 18 '17 at 19:59

private void GlobalBeginRequest(object sender, EventArgs e)
{
    var Origins = "domain1.com,domain2.com,domain3.com:8081";
    if ((Request.Headers["Origin"] != null) && (Origins.Split(',').FirstOrDefault(x => Request.Headers["Origin"].Contains(x)) != null))
    {
        Response.Headers.Add("Access-Control-Allow-Origin", String.Format("{0}", Request.Headers["Origin"]));
    }
}

IIS CORS multiple domain

1 Answers1