Exemplo n.º 1
0
            public override bool TryValidateOrigin(CorsRequestContext requestContext, CorsPolicy policy, CorsResult result)
            {
                if (requestContext == null)
                {
                    throw new ArgumentNullException(nameof(requestContext));
                }
                if (policy == null)
                {
                    throw new ArgumentNullException(nameof(policy));
                }
                if (result == null)
                {
                    throw new ArgumentNullException(nameof(result));
                }

                if (requestContext.Origin != null)
                {
                    if (policy.AllowAnyOrigin)
                    {
                        if (policy.SupportsCredentials)
                        {
                            result.AllowedOrigin = requestContext.Origin;
                        }
                        else
                        {
                            result.AllowedOrigin = CorsConstants.AnyOrigin;
                        }
                    }
                    else if (policy.Origins.Any(x => UrlExtensions.IsSubdomainOf(requestContext.Origin, x)))
                    {
                        result.AllowedOrigin = requestContext.Origin;
                    }
                    else
                    {
                        result.ErrorMessages.Add($"Origin {requestContext.Origin} not allowed");
                    }
                }
                else
                {
                    result.ErrorMessages.Add("No origin header present");
                }

                return(result.IsValid);
            }