mschae
commented
6 years ago Not exactly, wildcard domains are not part of the CORS spec.
I’d recommend a regex tho:
config :cors_plug, origin: ~r{^https?://\w+\.example\.com$}Open thiamsantos opened 6 years ago
mschae
commented
6 years ago Not exactly, wildcard domains are not part of the CORS spec.
I’d recommend a regex tho:
config :cors_plug, origin: ~r{^https?://\w+\.example\.com$}
thiamsantos
commented
6 years ago @mschae we have been using regex so far. However we are in the process of migration to distillery, and we will use a toml file as config in the production environment. Toml files do not support regex, only primitives types. So would be a cool feature on cors_plug to support wildcard domains, even if it is not a part of the CORS spec. I would be happy to send PR implementing this feature.
Right now, we will use a custom config that will convert the wildcards to regex and pass the origins directly to the plug itself. I think it will solve the problem for us.
It is possible to pass a list with wildcard domain as valid origins?