Cors policy is something we all face when writing a Backend API.
This is a simple example of adding a wildcard domain.
ASP.NET Core 9 (Program.cs)
builder.Services.AddCors(options =>
{
options.AddPolicy("AllowItchZone", policy =>
{
policy.SetIsOriginAllowed(origin =>
{
var uri = new Uri(origin);
return uri.Host == "domain.com" || uri.Host.EndsWith(".domain.com");
})
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
});
});