public bool TryEvaluate(HttpRequestMessage request, out IDictionary <string, string> headers)
{
headers = null;
string origin = null;
try
{
origin = request.Headers.GetValues("Origin").FirstOrDefault();
}
catch (Exception)
{
this.ErrorMessage = "Cross-origin request denied";
return(false);
}
Uri originUri = new Uri(origin);
_Logger.DebugFormat("{0} origin: {1}", AllowOrigins.ToJson(), originUri.Authority);
if (AllowOrigins.Contains(originUri.Authority))
{
headers = this.GenerateResponseHeaders(request);
return(true);
}
this.ErrorMessage = "Cross-origin request denied";
return(false);
}
static CorsAttribute()
{
try
{
AllowOrigins = Configuration.GetAppConfig("AllowCorsOrigins")
.Split(new char[] { ',' },
StringSplitOptions.RemoveEmptyEntries);
_Logger.Debug(AllowOrigins.ToJson());
}
catch (Exception ex)
{
_Logger.Error(Configuration.GetAppConfig("AllowCorsOrigins"), ex);
}
}
