Liquid syntax error: Unknown tag 'endraw'
Jason St-Cyr
Posted on • Originally published at jasonstcyr.com on
Azure Functions – Access has been blocked by CORS policy
For further actions, you may consider blocking this person and/or reporting abuse
Top comments (4)
Isn't adding 'localhost' or 'dev.local' a security risk in production? Or am I misunderstanding how this setting in the Azure Portal works?
For your production environment, you do want to remove any unsecure settings and restrict it to your production origin configurations. This is fine for some easy dev work. However, I wouldn't rely in production on CORS to provide my security. I would want to make sure I was using networking security to prevent entry into my production infrastructure from external untrusted parties.
Did you try to run fetch from 3rd party service like js fiddle, zapier?
I have connection timeout there, but API calls work from browser or postman. It seems like there are some IPs being blocked
Sorry Boris, I didn't try that path out. Let me know if you figure it out, though!