How to apply multiple cors rules at once in azure front door

katsukichi 21 Reputation points
2023-03-23T09:27:45.0366667+00:00

User's image

In the image shown above, a lot of App service CORS are registered.

Also, I applied multiple CORS to the server endpoint ruleset in azure frontdoor premium.

The problem is that many domains

The point is that you have to create a new rule every time you register CORS.

Is there no way ?

User's image

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
575 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. GitaraniSharma-MSFT 47,006 Reputation points Microsoft Employee
    2023-05-25T13:18:25.04+00:00

    Hello @katsukichi

    Apologies in the delay in response.

    I understand that you would like to know how to apply multiple CORS rules at once in Azure Front Door.

    I suggested you set the Access-Control-Allow-Origin header to wildcard (*).

    You can add multiple origins in the same rule by clicking on the edit option of the header value and add all your origins to a single rule and then set the Access-Control-Allow-Origin header to wildcard (*) as below:

    enter image description here

    As mentioned in the below doc, CORS on Azure Front Door will work automatically with no extra configuration when the Access-Control-Allow-Origin header is set to wildcard (*).

    Refer: https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/troubleshoot-cross-origin-resources#wildcard-or-single-origin-scenarios

    However, you had doubts regarding this configuration as you have AAD authentication configured on your app service and wanted to know if it is possible to set such CORS rule as a wildcard.

    I discussed this setup with the Azure Front Door Product Group team, and they mentioned the below:

    We don’t anticipate any issues with the customer using the wildcard override for the Access-Control-Allow-Origin header.

    Note: If the customer adds a new CORS origin after setting up the initial rule, they will need to purge the endpoint cache to reload the header for the new CORS origin.

    So, you should be able to set the Access-Control-Allow-Origin header to wildcard (*) for your setup to apply multiple CORS rules at once in Azure Front Door.

    Kindly let us know if the above helps or you need further assistance on this issue.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments