Skip to content

Commit 81289c8

Browse files
Harikrishnan-M-BHarikrishnan-M-B
authored
removed edgio content
1 parent a8d2d32 commit 81289c8

File tree

1 file changed

+0
-36
lines changed

1 file changed

+0
-36
lines changed

articles/cdn/cdn-cors.md

Lines changed: 0 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -55,39 +55,3 @@ A complex request is a CORS request where the browser is required to send a *pre
5555
CORS on Azure CDN works automatically without extra configurations when the **Access-Control-Allow-Origin** header is set to wildcard (*) or a single origin. CDN cache the first response and subsequent requests use the same header.
5656

5757
If requests have already been made to the CDN prior to CORS being set on your origin, you need to purge content on your endpoint content to reload the content with the **Access-Control-Allow-Origin** header.
58-
59-
## Multiple origin scenarios
60-
61-
If you need to allow a specific list of origins to be allowed for CORS, things get a little more complicated. The problem occurs when the CDN caches the **Access-Control-Allow-Origin** header for the first CORS origin. When a different CORS origin makes a subsequent request, the CDN serves the cached **Access-Control-Allow-Origin** header, which doesn't match. There are several ways to correct this problem.
62-
63-
### Azure CDN standard profiles
64-
65-
On Azure CDN Standard from Microsoft, you can create a rule in the [Standard rules engine](cdn-standard-rules-engine-reference.md) to check the **Origin** header on the request. If it's a valid origin, your rule set the **Access-Control-Allow-Origin** header with the desired value. In this case, the **Access-Control-Allow-Origin** header from the file's origin server is ignored and the CDN's rules engine completely manages the allowed CORS origins.
66-
67-
![Rules example with standard rules engine](./media/cdn-cors/cdn-standard-cors.png)
68-
69-
> [!TIP]
70-
> You can add additional actions to your rule to modify additional response headers, such as **Access-Control-Allow-Methods**.
71-
>
72-
73-
#### One regular expression with all valid origins
74-
75-
In this case, you create a regular expression that includes all of the origins you want to allow:
76-
77-
```http
78-
https?:\/\/(www\.contoso\.com|contoso\.com|www\.microsoft\.com|microsoft.com\.com)$
79-
```
80-
81-
If the regular expression matches, your rule replaces the **Access-Control-Allow-Origin** header (if any) from the origin with the origin that sent the request. You can also add extra CORS headers, such as **Access-Control-Allow-Methods**.
82-
83-
![Rules example with regular expression](./media/cdn-cors/cdn-cors-regex.png)
84-
85-
#### Request header rule for each origin.
86-
87-
Rather than regular expressions, you can instead create a separate rule for each origin you wish to allow using the **Request Header Wildcard** [match condition](./cdn-verizon-premium-rules-engine-reference-match-conditions.md). As with the regular expression method, the rules engine alone sets the CORS headers.
88-
89-
![Rules example without regular expression](./media/cdn-cors/cdn-cors-no-regex.png)
90-
91-
> [!TIP]
92-
> In the example, the use of the wildcard character * tells the rules engine to match both HTTP and HTTPS.
93-
>

0 commit comments

Comments
 (0)