matchOrigin in https://github.com/networknt/light-4j/blob/master/cors/src/main/java/com/networknt/cors/CorsUtil.java doesn't seem to as far as I can tell. Do we need to specify specific port numbers in our allowedOrigins for cors.yml? i.e. http://localhost:8080 instead of http://localhost?
Asked
Active
Viewed 35 times
1 Answers
0
For security reasons, the wildcard is not supported. If you enable CORS, you normally only allow certain domains. If all domains are allowed, it is against the purpose of the CORS. When using port 80 or 443, you don't need to specify the port number. If other ports are used, it must be specified.
Steve Hu
- 358
- 2
- 10