Configuring Access-Control-Allow-Headers in Azure Functions

Question

I have an API built through Azure Functions that works when called through JavaScript in all browsers except for Safari. From another question, it appears I need to allow a header of "Origin" in the CORS configuration. The only configuration I see in the Azure portal is allowing origins. How do I configure allowed headers?

If it matters, this is developed and published through VS2017 Azure function tools.

Welcome to Stack Overflow. Please read the posting guidelines. — catbadger, Aug 24 '17 at 15:01
FWIW, Azure always set allowed headers to all of them, so it's probably something else. Check the url, safari is a bit finicky about trailing slashes — ahmelsayed, Aug 24 '17 at 16:29
The URL was the problem. The developer with the issue was trying to use HTTP instead of HTTPS which was not in the CORS allowed origin filter. Add your comment as an answer and I'll select that. — musicgamer, Aug 24 '17 at 21:07

score 3 · Answer 1 · answered Aug 25 '17 at 08:54

3

How do I configure allowed headers?

It seems that we also could do that with Azure portal. More details info please refer to the screenshot.

To allow all, use "*" and remove all other origins from the list. Slashes are not allowed as part of domain or after TLD.

answered Aug 25 '17 at 08:54

Tom Sun - MSFT

24,161
3
30
47

1

That only configures allowed origins, not allowed headers. – musicgamer Aug 28 '17 at 14:15

score 1 · Accepted Answer · answered Aug 28 '17 at 14:18

1

Allowed headers are not configurable within Azure Functions as it allows all.

answered Aug 28 '17 at 14:18

musicgamer

11
4

Configuring Access-Control-Allow-Headers in Azure Functions

2 Answers2

Linked