![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 31%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,933 questions
Hi @Fazenda
We apologies for the delay in response.
Based on the docs: "CORS on Azure Front Door will work automatically with no extra configuration when the Access-Control-Allow-Origin header is set to wildcard (*) or a single origin. Azure Front Door will cache the first response and ensuing requests will use the same header.
If requests have already been made to the Azure Front Door before CORS being set on your origin, you'll need to purge content on your endpoint content to reload the content with the Access-Control-Allow-Origin header."
Keep in mind that you can create a rule in the Azure Front Door Rules Set to check the Origin header on the request. If it's a valid origin, your rule will set the Access-Control-Allow-Origin header with the correct value. In this case, the Access-Control-Allow-Origin header from the file's origin server is ignored and the AFD's rules engine completely manages the allowed CORS origins.
Please read this doc for more details. Let us know if you have further questions.
Thanks,
Grace
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 66%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)