Hi there,
I hope this message finds you well. I'm currently exploring how to create a whitelist in the Webdev Module. However, I've encountered an obstacle in obtaining the origin URL.
I attempted the following approach:
request.setHeader("Access-Control-Allow-Origin", "https://www.origen1.com, https://www.origen2.com")
Unfortunately, it seems that CORS treats the string as a single entity, rather than evaluating each URL separately. As a result, this method isn't functioning as intended.
I'm aiming to achieve something similar to the code snippet below, but I'm unsure where to obtain the origin URL:
servletResp = request['servletResponse']
origin_header = request.getHeader("Origin")
request.setHeader("Access-Control-Allow-Origin", "https://www.origen1.com, https://www.origen2.com")
if origin_header in whiteList:
servletResp.setHeader("Access-Control-Allow-Origin", origin_header)
else:
servletResp.setHeader("Access-Control-Allow-Origin", "null")
PS: I am not willing to considere possibility to use "*".