Hi, I’m trying to allow all origins in the CorsFeature plugin but I can’t seem to get it working.
I’ve tried not specifying any allowOriginWhitelist to let it default to "*" but that doesn’t allow anything through and I’ve tried specifying allowOriginWhitelist as new[] { "*" } but that also doesn’t work.
It only works if I explicitly put in the url, wildcard just seems broken.
It’s unlikely you just want to use a wildcard which only enables limited permissions. You’ll likely need to specify all hosts in allowOriginWhitelist you want enabled.
This is an example in our default Jamstack templates which need to utilize CORS for its Ajax requests:
If you’re trying to copy existing behavior of an existing configured site make sure you check the HTTP Headers they’re returning that you’re trying to emulate as it’s unlikely they’re just relying on wildcards.