public override bool TryValidateOrigin(CorsRequestContext requestContext, CorsPolicy policy, CorsResult result)
{
if (requestContext == null)
{
throw new ArgumentNullException(nameof(requestContext));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
if (result == null)
{
throw new ArgumentNullException(nameof(result));
}
if (requestContext.Origin != null)
{
if (policy.AllowAnyOrigin)
{
if (policy.SupportsCredentials)
{
result.AllowedOrigin = requestContext.Origin;
}
else
{
result.AllowedOrigin = CorsConstants.AnyOrigin;
}
}
else if (policy.Origins.Any(x => UrlExtensions.IsSubdomainOf(requestContext.Origin, x)))
{
result.AllowedOrigin = requestContext.Origin;
}
else
{
result.ErrorMessages.Add($"Origin {requestContext.Origin} not allowed");
}
}
else
{
result.ErrorMessages.Add("No origin header present");
}
return(result.IsValid);
}