Suggestion: Allowed Origins

  • Resolved paulgaske

    (@paulgaske)


    7 years, 1 month ago

    It’d be awesome to specify a list of allowed origins rather than relying on ‘*’.

    Something like:
    In the admin settings, allow a selection (say: “one of” or “from list”), and allow a CSV of hostnames to be entered.

    Then in the plugin, check that the incoming HTTP_HOST matches one of the origins in the settings, and reply with a Allow header only when it’s in the list; otherwise let the request proceed without an Allow header.

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Suggestion: Allowed Origins’ is closed to new replies.