If validation is done by hostname and not by hostheader, what is the function of the hostheader?
I have an application in production today where access is done without AzureFD by the url https://web.customer.com.br and I need to put AzureFD to protect it. My idea is to set up a Origin in AzureFD by pointing the hostname to web-afd.customer.com.br and the hostheader as web.customer.com.br, then in public DNS it would direct the web.customer.com.br record to AzureFD. This way I don't need to interact with the application.