+ Start a Discussion
Veeru AVeeru A 

Access-Control-Allow-Origin Header with multiple Domains

Is there a clean way to support multiple Access-Control-Allow-Origin domains for access to my REST Apex class?

I tried adding the domains by adding each one individually....e.g. 

res.addHeader('Access-Control-Allow-Origin'.' ....etc.
res.addHeader('Access-Control-Allow-Origin' ... etc.

I trield res.addHeader('Access-Control-Allow-Origin''http://domaina.com, http://domainb.com');

no go 

Do I have to interrogate who is calling and then do an addheader allowing that domain? 

If so, any example code out there for that? 

Hoping there is an easier path on that. 

Yes, you'll need to interrogate the incoming request, and populate the CORS header 
Veeru AVeeru A
OK...went that route and all is working. D

patricia wildpatricia wild
Access control is used to restrict access to specified areas or restrict entry to specific individuals or groups. There are two categories of access control: logical access control only limits connections to system files, network resources, and other data on the same server. Physical access control usually determines physical IT resources. Many commercial and residential software packages offer various types of access control (http://dicsan.com/home/accesscontrol/) to support security requirements.